HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   mirroring with rsync (mulitple servers) (http://www.howtoforge.com/forums/showthread.php?t=33183)

edpatterson 2nd April 2009 16:51

mirroring with rsync (mulitple servers)
 
The tutorial worked just fine for a single server. Then I attempted to add another by generating a key, copying it to the source server and appending it to the authorized_keys file. I duplicated everything only changing the hostname of the target machine.
Now when I try to sync I get a message that smartcards are not supported and am prompted for the password. Entering the password on the original machine works, from the second one fails.

I have 14 squid servers and am looking for a way to sync the url lists. I thought rsync would be a nice lightweight (easy on the brain) way to do it.

Ideas on what I did wrong or possibly a better/easier way?

Thanks,
Ed

falko 3rd April 2009 13:39

Does it work if you remove the "command="/home/someuser/rsync/checkrsync",from="mirror.example.com",no-port-forwarding,no-X11-forwarding,no-pty" part from all lines in authorized_keys?

edpatterson 3rd April 2009 16:52

No, I deleted everything up to ssh-dss. It still reports no support for smartcards and requests the password.

falko 4th April 2009 14:25

What's your rsync command?

Also, did you compare your setup with the tutorial? Maybe you've made a typo somewhere?

edpatterson 4th April 2009 16:23

It worked fine when I first did the tutorial. Then I attempted to add another machine a week or so and a bunch of successful sync's later. That is when the problem started.
Here is what I did to break it.
Built another server
Created a ssh key-pair (ssh-keygen -t dsa -b 1024 -f /root/rsync/server3-rsync-key)
Copied the server3-rsync-key.pub to server1:/home/rsyncer/.ssh/
Added the key to the existing authorized_keys file (cat server3-rsync-key.pub >> authorized_keys)
Prepended 'command="/home/rsyncer/rsync/checkrsync", from="server3", no-port-forwarding,no-X11-forwarding,no-pty'
Then from server3
rsync -avz -e "ssh -I /root/rsync/server3/rsync/server3-rsync-key" rsyncer@server1:/tmp/sync-test
The smartcard error and prompt for password, no files transfered.
I am thinking that maybe you can not have more than one line in the authorized_keys file. But then that would make it authorized_key.
I will try to look up more info on ssh. It seemed to me like it would work.

falko 5th April 2009 15:47

Quote:

Originally Posted by edpatterson (Post 179775)
I am thinking that maybe you can not have more than one line in the authorized_keys file.

No, that's not true. You can have more than one line in that file. I'm using rsync mirroring with multiple servers at the same time.

edpatterson 8th April 2009 14:13

OK, I have gone to the source (literally) and am reading all I can find. I obviously screwed something up.

Another different but related question. Do the ssh keys use the IP address? I am going to be building all my servers at one location then rolling them out. I generate the keys as part of the build/test process. Will I need to regenerate the keys when they change subnets?

falko 9th April 2009 15:05

Quote:

Originally Posted by edpatterson (Post 180506)
Will I need to regenerate the keys when they change subnets?

No, that's not necessary.

edpatterson 9th April 2009 22:16

OK, this is getting personal :-)

I copied the how-to into an editor and changed the server1 and mirror names to reflect the actual names I am using. I redid the whole thing from scratch. On the final step it is asking for the unprivilidged users password (listadmin in my case). Everything works if I enter the password.

I am somewhat confused why I generated a passwordless key set then told ssh to use a different users account.

Am I getting closer?

falko 10th April 2009 14:21

Can you remove the part from post #2 and try again?


All times are GMT +2. The time now is 02:04.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.