I'm kind of confused, I have set up public keys between two servers and it works great, sort of. It only works if I ssh manually from a terminal. When I put the ssh command into a python script, it asks me for a password to login. The script is using rsync to sync up a directory from one server to the other.
manual ssh command that works, no password prompt, automatic login:
ssh -p 1234 garfonzo@123.456.789.123
In the Python script:
rsync --ignore-existing --delete --stats --progress -rp -e "ssh -p 1234" garfonzo@123.456.789.123:/directory/ /other/directory/
What gives?
(obviously, ssh details are fake)
EDIT Per Request
@Zoredache – I put -vv in the script (and the -i to specify where the key is, that actually got me one step closer) and it showed an interesting bunch of lines:
debug1: Host '[123.456.789.123]:1234' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug2: bits set: 515/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/garfonzo/.ssh/id_dsa.pub (0x7f125c489bd0)
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/garfonzo/.ssh/id_dsa.pub
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-dss blen 434
debug2: input_userauth_pk_ok: fp 81:02:20:f0:62:16:30:15:4d:0b:2e:91:7c:ba:5c:05
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/garfonzo/.ssh/id_dsa.pub':
debug2: no passphrase given, try next key
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
It seems that, not that it knows where my key is stored on the client side (probably the problem before) it is asking for the passphrase. Problem is is that I did not specify a passphrase, I left it blank. Odd… Perhaps I will create a new set of keys?
EDIT 2
@ckliborn – great idea! I think this may have shown what my problem is. The one line that I think points to my problem is this:
debug1: Found key in /home/garfonzo/.ssh/known_hosts:1
whereas, when run via the script, the same line is:
debug1: Found key in /root/.ssh/known_hosts:1
So, the client is looking in the wrong spot for the key. When I specify the key location, it asks for a pass-phrase, which I haven't set. Arg!
?Confused?
Best Answer
In the python script have you tried explicitly giving the location of the identity file that you want to use with the "-i" flag?
Ex:
rsync --ignore-existing --delete --stats --progress -rp -e "ssh -i /home/user/.ssh/keyfile -p 1234" garfonzo@123.456.789