Ubuntu – synology nas DS213 J rsync files from ubuntu 12.04 server

keyssshsynologyUbuntu

I´ve a Synology DS213 J Nas System. I´m trying to sync folders from a ubuntu 12.04 webserver to the nas without password prompt.
therefore I logged into the nas via terminal with root account.

Created the ssh dir /root/.ssh

$ mkdir /root/.ssh

created the keys with

   $ ssh-keygen

-> with empty paraphrase

Thus ssh-copy-id is not working on the synology nas i copied the id_rsa.pub
by hand to the ubuntu machine

$ cat id_rsa.pub

Copy and paste it on ubuntu Server to

$ ~/.ssh/nas.pub

and "cated" the file into authorized_keys

$ cat ~/.ssh/nas.pub >> authorized_keys

/etc/ssh/sshd_config is set to

has RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      %h/.ssh/authorized_keys

Unfortunately If I´m trying an rsync I´m asked for the empty paraphrase and the password for the ubuntu machine.
helpful for any hint,

toni

Best Answer

You probably mixed up usernames and authorized keys.

Does 'cat ~/.ssh/nas.pub >> authorized_keys' actually put your key into '~/.ssh/authorized_keys' where it should be, and NOT into '~/authorized_keys'?
have you tried to ssh (not rsync) to the webserver from your NAS? Which username do you use to run rsync/ssh from rsync? Did you put your key into .ssh/authorized_keys for THAT username?

DETAILS:

You should have a user that runs rsync command on NAS. Let's call him 'userNAS'. The 'ssh-keygen' should be run by this user. Then you need a public key of this user, /home/userNAS/.ssh/id_rsa.pub.

This step probably worked fine for you, I assume you used root user for it. However, it's not clear from your question how have you executed '$ mkdir /root/.ssh', as '$' shows that you are not root.

Next, you need to be able to login via ssh on the Webserver. For this, you should have another user on the webserver, let's call him 'userWeb'. Now you need to copy the public key of 'userNAS' from your NAS to the 'authorized_keys' of user 'userWeb' on your webserver. E.g., to '/home/userWeb/.ssh/authorized_keys'.

Now you should be able to run 'ssh userWeb@yourwebserver.com' as 'userNAS' on your NAS and login to webserver as user 'userWeb'. However, if your user on the webserver is also root, ssh will not allow it to log in. Check the separate option in ssh configuration to enable root logins via ssh. However, this is not recommended.

Finally, rsync should have an option telling it, that it should login as 'userWeb' on the webserver. Something like '-e ssh userWeb@yourwebserver.com:/remote/dir'

Related Solutions

Linux – How to allow SSH host keys on Linux (Fedora 10 & CentOS 5.2)

Looks like you have the basics correct.

The most common reason I've seen for this to fail is the permissions on the remote authorized_keys file and the directories above it. Before allowing key-based auth, sshd performs a permissions check; if it doesn't like the results, it disallows authentication. I generally set ~/.ssh to 0700 and ~/.ssh/authorized_keys to 0600. I believe the actual $HOME cannot have group or world write either, although reading is fine.

If that still doesn't fix it, the next step is to do some debugging on the server side:

server$ /usr/sbin/sshd -d -p 2222

Then connect to the "debug" server from your client:

client$ ssh -v user@host  -p 2222

You will get copious debugging informtation on stderr on the server. I have yet to encounter an auth problem I couldn't track down from there.

Ubuntu – Passwordless SSH not working – keys copied and permissions set

Use ssh-copy-id to copy your keys; it will create any necessary files/directories and fix any broken permissions along the way.

Best Answer

Related Solutions

Linux – How to allow SSH host keys on Linux (Fedora 10 & CentOS 5.2)

Ubuntu – Passwordless SSH not working – keys copied and permissions set

Related Topic