При выполнениии rsync
можно указать ключ, что бы не вводить пароль.
Содержание
RSA generate
Генерируем ключ:
[simterm]
$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/setevoy/.ssh/id_rsa): /home/setevoy/.ssh/WORK/JM/jm-gw-proxy Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/setevoy/.ssh/WORK/JM/jm-gw-proxy. Your public key has been saved in /home/setevoy/.ssh/WORK/JM/jm-gw-proxy.pub.
[/simterm]
Копируем его на сервер:
[simterm]
$ ssh-copy-id -i /home/setevoy/.ssh/WORK/JM/jm-gw-proxy -p 2201 [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/setevoy/.ssh/WORK/JM/jm-gw-proxy.pub" /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh -p '2201' '[email protected]'" and check to make sure that only the key(s) you wanted were added.
[/simterm]
Проверяем:
[simterm]
$ ssh -i /home/setevoy/.ssh/WORK/JM/jm-gw-proxy -p 2201 [email protected] Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-87-generic x86_64) ... Last login: Wed Jul 26 09:37:54 2017 from 194.105.145.45 jmadmin@lj3hwzghi6ibg000001:~$
[/simterm]
rsync sudo
Для sudo
при rsync
– добавляем --rsync-path="sudo rsync"
rsync
RSA
ssh -i
keyname
Вариант первый – добавляем -e "ssh -i /home/jmadmin/.ssh/jm-gw-proxy"
:
[simterm]
$ sudo rsync -e "ssh -i /home/jmadmin/.ssh/jm-gw-proxy" -avh --rsync-path="sudo rsync" /etc/letsencrypt/{live,archive} [email protected]:/etc/letsencrypt/ sending incremental file list sent 4.14K bytes received 28 bytes 8.34K bytes/sec total size is 66.04K speedup is 15.83
[/simterm]
.ssh/config
Другой вариант – использовать .ssh/config
.
Добавляем в него запись (в .ssh/config
пользователя root
, т.к. rsync
через sudo
):
Host 10.0.0.5 User jmadmin IdentityFile /home/jmadmin/.ssh/jm-gw-proxy
Проверяем:
[simterm]
$ sudo rsync -avh --rsync-path="sudo rsync" /etc/letsencrypt/{live,archive} [email protected]:/etc/letsencrypt/ sending incremental file list sent 4.14K bytes received 28 bytes 8.34K bytes/sec total size is 66.04K speedup is 15.83
[/simterm]
Готово.
ssh-agent
Третий вариант – ssh-agent
.
Запускаем его (тут опять от рута):
[simterm]
# eval "$(ssh-agent -s)" Agent pid 10503
[/simterm]
Добавляем ключ:
[simterm]
# ssh-add /home/jmadmin/.ssh/jm-gw-proxy Identity added: /home/jmadmin/.ssh/jm-gw-proxy (/home/jmadmin/.ssh/jm-gw-proxy)
[/simterm]
Проверяем:
[simterm]
# rsync -avh --rsync-path="sudo rsync" /etc/letsencrypt/{live,archive} [email protected]:/etc/letsencrypt/ sending incremental file list sent 4.14K bytes received 28 bytes 8.34K bytes/sec total size is 66.04K speedup is 15.83
[/simterm]
Готово.