[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rsync with ssh




On Sun, Jun 13, 1999 at 08:05:30PM -0500, charles@lunarmedia.net wrote:
> 
> Hello all,
> I have a server set up to mirror another's directory structure using rsync
> with ssh as the transport so I am able to get a fair amount of security in
> the transfer.
> 
> Since I want to do the transfer off hours, I have a cron job to run rsync
> in the wee hours of the morn. Unfortunately, since I am using ssh, when
> rsync connects, it is prompted to enter the passphrase for the user
> connecting. Now, I am no expect scripter, or any kinda scripter for that
> matter, but I just feel that there must be some way to automate the
> passing of the phrase so this can run without a hitch and I can sleep
> through it. I read the man for rsync a number of times, and I just don't
> see an option to send anything to an expected prompt. Is anyone familiar
> with how to do this?

Expect is one way to do this.  Here's another:

If you create an ssh key for authentication on the originating system, 
and set up the other system to accept that key, then the requirements
for the other system to have a password are met without any typing.

The question then is to convince ssh not to require a passphrase for
unlocking the local secret key.  This is a thorny problem, with some
security risks.  However, it's doable, and as long as you are willing
to accept the risks, one of these might be good.

Here are the ways:

 - Simply don't put a passphrase on your secret key.  The
ramifications of this should be immediately obvious: anyone who can
get a hold of that key file can access the remote system without any
password.

 - Use ssh-agent.  This is a "key server" which essentially caches the
private key; you enter your passphrase once, and it remembers it for
you.  Attackers can log in to the remote host if they can log in to
the local host and convince ssh-agent to talk to them.  This involves
hacking root or cracking the local account.  Another disadvantage:
while you won't have to type the passphrase every time you connect,
you will have to type the passphrase every time ssh-agent dies, such
as when rebooting.  This can be the basis for a denial-of-service
attack; if you can coax the originator to reboot, you can keep the job 
from running until the sysadmin managed to get in and reenter the
passphrase.

 - Use rhosts for authentication.  Not good for Internet transfers;
can be safe behind a firewall.

One more thought: encoding the password in cleartext in an expect
script is just as dangerous, if not more so, than the first option
above.  While I don't recommend the first option (since the second can
be made usable without much more work), I would recommend it over
expect.

--
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.