I need to create a cron script that will scp all the logs from one machine to a log parsing machine but when I scp I am requested to insert a password. Usually, when I connect to the servers using Putty, i'm using pageant
and Putty to allow agent forwarding and when I choose the machine I want to connect to, it opens a putty window and gets me straight to the shell without the need to insert a password. This happens after I insert my rsa public key to the .ssh/authorized_keys file on each machine.
I'd like to do the same but between two servers.
Edit: I don't know why it was voted down… i think it's a legitimate question.
Please tell me please what i'm doing wrong:
[root@search-uk-1 .ssh]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ca:ab:4d:95:a4:ee:47:67:0c:e1:23:f3:73:46:67:7e root@search-uk-1.int.incredimail.com
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . |
| ... |
| oo+.. o |
| .+S= + |
| o o+ * . E |
| =. * . |
| + .. |
| ..+. |
+-----------------+
[root@search-uk-1 .ssh]# ssh-copy-id root@sawmill
root@sawmill's password:
Now try logging into the machine, with "ssh 'root@sawmill'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@search-uk-1 .ssh]# ssh root@sawmill
Enter passphrase for key '/root/.ssh/id_rsa':
Last login: Mon Nov 5 11:32:33 2012 from search-uk-1.int.incredimail.com
[root@sawmill ~]# exit
logout
Connection to sawmill closed.
[root@search-uk-1 .ssh]# ssh root@sawmill
Enter passphrase for key '/root/.ssh/id_rsa':
Even if i copy the rsa key from the .pub file and paste it on the remote's machine .ssh/authorized_keys it still keeps asking me for password.
Thanks
Best Answer
I'ts quite simple. Generate on machine your rsa_id with
ssh-keygen -t rsa
After that just execute
ssh-copy-id login@secondmachine
put password thats all. After that you should be able to login whithout password from one machine to another (if you want login with no password from both machines then you should do same steps on second machine).But maybe you should consider using rsync for this jobs. Using password for rsync in cronjobs is very simple with environment variables USER and RSYNC_PASSWORD. Put this in your script
after that any rsync command will use this variables. It's much safer because rsync user is not system user. You will have to configure rsync servers but it's very simple. And you can secure rsync share by using host allow directive in rsync configuration.