Ssh – Rsync with ssh-keygen to ssh user with limited commands and specifc directory

rsyncsshssh-keygen

I have two machines, local and remote.

I want to back up my files and folders to the remote machine automatically, using rsync to transfer files and folders, using ssh-keygen to automatically log into the remote machine.

I can do this as ssh root, but that will be a bit of security risk: someone can log directly into the remote machine as root if the local files have been compromised.

I tried rssh but I couldn’t log in automatically using ssh-keygen.

What I am looking for is a way to create an ssh user with limited access to shell commands and with access only to a specific directory safe for automatically logging in with no harm to the remote machine.

Best Answer

You can limit the command run when using a ssh key-pair by using command="...." into ~/.ssh/authorized_keys file. Example took from here:

$ cat ~/.ssh/authorized_keys 
command="/usr/local/bin/rsync --server -vlogDtprz --delete . /tmp",no-pty,no-agent-forwarding,no-port-forwarding ssh-rsa AAAAB3NzaC1y[...] kattoo@spaghetti

Related Solutions

Linux SSH – Permission Denied (publickey) from Ubuntu to Amazon EC2

The first thing to do in this situation is to use the -v option to ssh, so you can see what types of authentication is tried and what the result is. Does that help enlighten the situation?

In your update to your question, you mention "on another local Ubuntu". Have you copied over the ssh private key to the other machine?

SSH rsync – How to Nice rsync on Remote Machine

You can use the --rsync-path option, eg.

rsync --rsync-path="nice rsync" foo remotebox:/tmp/

Best Answer

Related Solutions

Linux SSH – Permission Denied (publickey) from Ubuntu to Amazon EC2

SSH rsync – How to Nice rsync on Remote Machine

Related Topic