Thursday, September 19, 2013

RSYNC command without authentication - 8 simple steps

Initially, when i try to sync the files from remotehost to localhost, i have to execute manually by executing in command prompt. I thought of executing the command by shell script and then call this script from cronjob. When i do this, the script was asking for authentication which is seems no difference between manual effort and an automated one. In order to avoid this, the following steps will explain how to perform RSYNC from localhost to remote host without entering password.
umasarath@localhost:~$ rsync -v umasarath@remotehost:/home/umasarath/test/* test/
umasarath@remotehost's password:
sent 61 bytes  received 144 bytes  82.00 bytes/sec total size is 18  speedup is 0.09
  1. Verify that localhost and remotehost is running openSSH
    umasarath@local:~$ ssh -V
    OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
    umasarath@remote:~$ ssh -V
    OpenSSH_5.3p1 Debian-3ubuntu7, OpenSSL 0.9.8k 25 Mar 2009
  2. Generate key-pair on the local-host using ssh-keygen
    umasarath@local:~$ ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/umasarath/.ssh/id_rsa):<<press enter>>
    Created directory '/home/umasarath/.ssh'.
    Enter passphrase (empty for no passphrase): <<enter your passphrase>>
    Enter same passphrase again:<<Re-enter your passphrase>>
    Your identification has been saved in /home/umasarath/.ssh/id_rsa.
    Your public key has been saved in /home/umasarath/.ssh/
    The key fingerprint is:c1:c2:ed:a5:8e:43:d3:72:ac:d2:a6:8c:a3:45:52:b5 umasarath@localhost

    The public key and private key are typically stored in .ssh folder under your home directory. In this example, it is under /home/umasarath/.ssh. You should not share the private key with anybody.

  3. Install public key on the remote-host.
    Copy the content of the public key from the localhost and paste it to the /home/umasarath/.ssh/authorized_keys on the remotehost. If the /home/umasarath/.ssh/authorized_keys already has some other public key, you can append this to the end of it. If the .ssh directory under your home directory on remotehost is missing, please create it.

    In simple words, copy the localhost:/home/umasarath/.ssh/ to remotehost:/home/umasasrath/.ssh/authorized_keys.

  4. Give appropriate permission to the .ssh directory on the remote-host.

    umasarath@remote:~$ chmod 777 ~/.ssh
    umasarath@remote:~$ chmod 777 ~/.ssh/authorized_keys
    This will avoid permission issues.
  5. Login from the localhost to remotehost using the SSH key authentication to verify whether it works properly.

    umasarath@local:~$ <<you are here on localhost>>
    umasarath@local:~$ ssh -l umasarath remotehost
    Enter passphrase for key 'home/umasarath/.ssh/id_rsa':<<enter your passphrase>>
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'remotehost' (RSA) to the list of known hosts.
    Enter passphrase for key '/home/umallamp/.ssh/id_rsa':<<Enter your passphrase here>>
    Last login: Thu Sep 19 15:18:27 2013 from
    Kickstarted on 2013-04-30
    umasarath@remote:~$<<You are here on remotehost>>
  6. Start the SSH Agent on local-host to perform ssh and scp without having to enter the passphrase several times.

    Verify whether SSH agent is already running, if not start it as shown below.

    umasarath@local:~$ ps -ef | grep ssh-agent
    511       9789  9425  0 00:05 pts/1    00:00:00 grep ssh-agent
    umasarath@local:~$  eval `ssh-agent -s`
    Agent pid 1240
    umasarath@local:~$ ps -ef | grep ssh-agent
    umasarath 1240     1  0 16:12 ?        00:00:00 ssh-agent -s
    umasarath 1925 22199  0 16:30 pts/3    00:00:00 grep --color=auto ssh-agent
    admin   2481  2447  0 Sep04 ?        00:00:01 /usr/bin/ssh-agent /usr/bin/dbus-launch --exit-with-session gnome-session

    If the ssh-agent is not started, you will be facing the below error. If you face this error, start the SSH-AGENT as stated above.
    Inorder to run ssh-agent automatically, please refer to this article.
    umasarath@ubuntu:~$ ssh-add
    Could not open a connection to your authentication agent.
  7. Load the private key to the SSH agent on the localhost.
    umasarath@local:~$ ssh-add
    Enter passphrase for /home/umasarath/.ssh/id_rsa: <<Enter your passphrase here>
    Identity added: /home/umasarath/.ssh/id_rsa (/home/umasarath/.ssh/id_rsa)
  8. Perform SSH or SCP to remote-home from localhost without entering the password.

    umasarath@localhost:~$ rsync -v umasarath@remotehost:/home/umasarath/test/* test/
    sent 61 bytes  received 144 bytes  82.00 bytes/sectotal 
    size is 18  
    speedup is 0.09
    NOW you will observe that there is NO PASSWORD AUTHENTICATION HERE.
Try this and explore yourself!

Kindly let me know your feedback on this article.

No comments:

Post a Comment