Rsync with SSH prompting for remote password

4

I have followed the following guide to setup Rsync with SSH between my local machine and a remote server:

I performed the below as root:

  1. rsync -avz -e ssh /home/user/dir root@192.168.200.10::Backup/dir -> prompts for password

  2. ssh-keygen -> Key generated

  3. ssh-copy-id -i ~/.ssh/id_rsa.pub 192.168.200.10 -> confirmation that keys were copied

  4. ssh 192.168.200.10 -> Accesses the remote server without promting for password

  5. rsync -avz -e ssh /home/user/dir root@192.168.200.10::Backup/dir -> Prompts for password

Is it not strange that I can SSH into the remote server without being prompted for the password but do when using rsync?

I can see .ssh/authorized_keys on the remote server.

Where am I doing wrong?

China Diapers

Posted 2015-10-31T22:01:24.053

Reputation: 43

1When you ssh to the remote server are you doing it as root ? – Pierre-Alain TORET – 2015-10-31T22:07:33.790

Yes I ssh as root. I had tried the same steps as user but am prompted for password when I ssh – China Diapers – 2015-10-31T22:10:10.750

the following isn't the cause of the problem but just a point.. I think with the -i you should remove .pub because -i specifies the private key, and you can remove -i ~/.ssh/id_rsa completely because that's the default afaik. (unless you set a different default), but even then you don't want .pub after the -i but that's not the erason for your problem since you say ssh is working fine, it's rsync that isn't. – barlop – 2015-10-31T22:10:36.613

@ChinaDiapers For those who do not want to use the daemon mode, and have an alternate port in use and/or store their id_rsa.pub in a separate location, I left some examples below. Moreover, even without alternate port and in the standard location, I cannot get the officially accepted answer to work. – oemb1905 – 2019-07-07T07:21:33.727

Answers

2

You are mixing two separate connection modes: with a remote shell (-e ssh) and without a remote shell, thru a rsync daemon (identified by the double colon).

The manual states:

CONNECTING TO AN RSYNC SERVER

It is also possible to use rsync without a remote shell as the trans- port. In this case you will connect to a remote rsync server running on TCP port 873.

...... you either use a double colon :: instead of a single colon to separate the hostname from the path, or you use an rsync:// URL.

....... Some paths on the remote server may require authentication. If so then you will receive a password prompt when you connect. You can avoid the password prompt by setting the environment variable RSYNC_PASSWORD to the password you want to use or using the --password-file option. This may be useful when scripting rsync.

Probably the simplest way to obtain passwordless authentication for you is to modify the command above as follows:

   rsync -avz -e ssh /home/user/dir root@192.168.200.10:/absolute/path/to/Backup/dir

MariusMatutiae

Posted 2015-10-31T22:01:24.053

Reputation: 41 321

Yes mate, that was it. I must have added the colon in one of my many experiments in trying to get this working. Thanks – China Diapers – 2015-11-01T09:07:59.143

1

Your username on your local account is probably not root, which is the username you use with Rsync.

ssh remotehost

…is effectively the same as:

ssh localUserName@remotehost

Sorry, I didn't notice that you already said you’re running as root.

I also didn’t notice that you are using the module syntax with two colons (::) after the remote hostname. I don’t think the guide you followed covers connecting to Rsync this way, and that you should be fine if you use the single colon syntax, for example:

rsync -avz -e ssh /home/user/dir root@192.168.200.10:/some/path/backups/dir

Louis

Posted 2015-10-31T22:01:24.053

Reputation: 18 859

0

I had this problem too - I hope this helps. For me, the problem was the syntax required for alternate port ssh. Here are two working examples:

Execute this from the target backup machine, which pulls from source to target backup:

rsync -av --delete -e 'ssh -p 59333 -i /home/user/.ssh/id_rsa' user@10.9.9.3:/home/user/Server/ /home/user/Server/

Execute this from the source machine, which sends from source to target backup:

rsync -av --delete -e 'ssh -p 59333 -i /home/user/.ssh/id_rsa' /home/user/Server/ user@10.9.9.3:/home/user/Server/

This solution assumes you already exchanged your public key with target and/or vice versa using ssh-copy-id -p 59333. This wonky syntax is not required if you use port 22, in which case you can use the i flag and it will procure the public key from the default location in ~/.ssh/id_rsa.pub. Here is an example without alternate port that also works fine:

Execute this from the target backup machine, which pulls from source to target backup:

sudo rsync -avi --delete user@10.9.9.3:/var/www/ /media/sdb1/backups/www/

Execute this from the source machine, which sends from source to target backup:

sudo rsync -avi --delete /media/sdb1/backups/www/ user@10.9.9.3:/var/www/

If you are still getting prompted for a password, then you need to check your ssh configuration in /etc/ssh/sshd_config and verify that the users in source and target each have the others' respective public ssh key. I left this amount of detail because the syntax left by two others above still does not work for me.

oemb1905

Posted 2015-10-31T22:01:24.053

Reputation: 101

Asked: 2015-10-31T22:01:24.053

Viewed: 15 115 times

Active: 2019-07-07T07:23:32.410