<br><br><div class="gmail_quote">On Wed, Dec 9, 2009 at 11:21 PM, Tom Aldridge <span dir="ltr"><<a href="mailto:toma@aldridgeinc.com">toma@aldridgeinc.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im"><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Jose Lerebours propounded (on Wed, Dec 09, 2009 at 03:16:54PM -0500):<br>
| Trying to setup an UBUNTU Linux box to ssh to an SCO UNIX box without the<br>
| need to enter a password.<br>
| I found this article<br>
|<br>
| <a href="http://lani78.wordpress.com/2008/08/08/generate-a-ssh-key-and-disable-password-authentication-on-ubuntu-server/" target="_blank">http://lani78.wordpress.com/2008/08/08/generate-a-ssh-key-and-disable-password-authentication-on-ubuntu-server/</a><br>
|<br>
| I followed every step but I am still forced to type in a password to connect<br>
| to SCO UNIX. The root of the problem is<br>
| the need to interface a linux server running PHP + Apache to extract and<br>
| push data from a SCO UNIX running filePro.<br>
<br>
</blockquote>
<br></div>
Jose,<br>
<br>
Here is my working example of what I do with several machines, i.e.... I "pull" rsync backups from a couple of machines to a machine, and I push backups to another machine simply because I have no shell access on that machine to set up a "pull". Been doing it on an automated basis, for several years without any security issues that I am aware of.<br>
<br>
Note, having identical user names on both machines is not necessary. Permissions are critical however.<br>
<br>
------------------------------------------------------------<br>
Create the backup script and test it first.<br>
<br>
Then, to automate the login process:<br>
<br>
Create ~/.ssh on the local machine if necessary and set the permissions<br>
to: chmod -R 700 ~/.ssh<br>
<br>
Create the public/private keys on the local machine:<br>
<br>
ssh-keygen -t rsa<br>
<br>
This created two files in the ~/.ssh directory: ~/.ssh//id_rsa (the<br>
private key) and ~/.ssh/id_rsa.pub (the public key), which you will<br>
share with the remote host.<br>
<br>
Now send your public key to the remote machine, so that it can trust you.<br>
<br>
scp ~/.ssh/id_rsa.pub username@machine.domain.com:.ssh/authorized_keys2<br>
<br>
Set the permissions on the remote machine if necessary as well: chmod -R<br>
0700 ~/.ssh<br>
<br>
IMPORTANT NOTE ABOUT THE PUBLIC KEY:<br>
<br>
If you're pulling the backup to the backup machine, copy (using scp) the<br>
same public key to each machine you're going to backup. Simply change<br>
the <a href="mailto:username@machine.domain.com" target="_blank">username@machine.domain.com</a> each time you run the scp string: scp<br>
~/.ssh/id_rsa.pub username@machine.domain.com:.ssh/authorized_keys2<br>
<br>
If you're pushing the backup to a backup machine, append the public key<br>
to the authorized_keys file (be sure be in the home directory of the<br>
machine your pushing from): $ cd ~/homedir; cat .ssh/id_rsa.pub | ssh<br>
<a href="mailto:username@machine.domain.com" target="_blank">username@machine.domain.com</a> 'cat >> .ssh/authorized_keys'<br>
------------------------------------------------------------<br><font color="#888888">
<br>
Tom Aldridge<br></font></blockquote><div><br>Tom,<br><br>I am still required to enter a password to run shell scripts/commands off remote server.<br><br>If I type ssh web@unix l /tmp<br><br>I have to type password for user "web" as defined in the SCO box. Please notice the<br>
"unix" in web@unix is pointing to the SCO UNIX box.<br><br>I really need this to work without having to enter the password - If I get this done, I<br>will finish my project in matter of hours ... <br><br>Regards,<br>
<br><br>Jose<br><br><br><br></div></div><br>