From: Kenneth L. O. <tx8...@be...> - 2008-12-04 19:54:36
|
The problem is that when all is working properly, and I run the command -bash-3.2$ ssh -l root Winserver whoami (bash-3.2$ prompt since user 'backuppc' was setup on Fedora 8 'no-logon') WinServer should not ask for a password or pass-phrase, but only respond 'root' The process is not generating password/phrase-less keys! It did on the original setup back in October before the crash. I am wondering if some file or program update issued in the last month or so may be affecting the way the system is working now. I have an image of the install before adding system updates. I'll load that to see if the key generation works before downloading the updates and post back upon completion of this test. -- ken -----Original Message----- From: Rob Owens [mailto:rob...@bi...] Sent: Thursday, December 04, 2008 7:38 AM To: General list for user discussion,questions and support Subject: Re: [BackupPC-users] I broke perfection ... Kenneth L. Owen wrote: > Hello Rob, > > Thanks for taking the time to look at this and reply. I am learning, but > still have a ways to go before I can serve at your capacity! > There are 2 sets of keys in use here. One set is the server's keys. The system creates these keys when the ssh server is installed. These identify the server and this is what is referenced when you get the message "authenticity of host cannot be established...". That message provides you with the fingerprint of the public key for the server, and it is up to you to verify it. Note that each user who connects to that server for the first time will get that message. The other set of keys is the user's key pair. These are created with the ssh-keygen command, and they are used for authentication purposes (in place of password authentication). If a user places his public key in the ~/.ssh/authorized_keys file on another machine, that gives him the ability to log into that other machine as that particular user (whichever user's home directory he put the keys in). So I could put my public key in /home/rob/.ssh/authorized_keys and in /var/lib/backuppc/.ssh/authorized_keys and in /root/.ssh/authorized_keys and that would allow me to log in as "rob", "backuppc", and "root" on that server. > Does it matter if the BackupPC service is running? I think it was stopped > when I created the keys this time. > No, that doesn't matter. So what's the problem you're having again? The only error message I see is "ABORTED DUE TO FAILURE", but that's because you hit ctrl-c when asked if you were sure you wanted to connect. -Rob |