This short article will demonstrate by example password-less ssh from a Solaris 8 box which will backup the contents of a linux box using rsync.
In the example there are 2 users involved and 2 machines involved:
User: bak2solaris Machine: mylinuxbox (RHEL/Centos)
User: root Machine: mysolarisbox (Solaris 8)
A cron job will run on machine 'mysolarisbox' as root. Root will ssh/rsync in to 'mylinuxbox' and get the files. As such the DSA Public Key of user root@mysolarisbox needs to be in the authorized_keys file of user 'bak2solaris' on machine mylinuxbox. i.e. /home/bak2solaris/.ssh/authorized_keys
This process is a little more complicated on Solaris than Linux.
Summary of Steps Required:
1. root@mysolarisbox – generate public/private dsa key pair
2. copy root@mysolarisbox public key to backupuser@mylinuxbox
3. add root@mysolarisbox's public key to backupuser@mylinuxbox's authorized_keys
4. as root@mysolarisbox ssh as backupuser@mylinuxbox using root@mysolarisbox's private key
Detail of Steps Required:
1. Create the DSA Public Key for root@mysolarisbox (if not already present):
user@mysolarisbox# su –
root@mysolarisbox# /usr/local/bin/ssh-keygen -t dsa -f /.ssh/id_dsa.mysolarisbox.root -N ""
2. Copy the public key to mylinuxbox:
root@mysolarisbox# /usr/local/bin/scp id_dsa.mysolarisbox.root.pub jonny@mylinuxbox:/home/jonny
3. Log into mylinuxbox and add the public key to the authorized_keys file:
jonny@mylinuxbox# su –
root@mylinuxbox# touch /home/bak2mysolarisbox/.ssh/authorized_keys
root@mylinuxbox# cat /home/jonny/id_dsa.mysolarisbox.root.pub >> /home/bak2mysolarisbox/.ssh/authorized_keys
root@mylinuxbox# chmod 600 /home/bak2mysolarisbox/.ssh/authorized_keys && chown -R bak2mysolarisbox /home/bak2mysolarisbox/.ssh
4. Test an ssh session from root@mysolarisbox to bak2mysolarisbox@mylinuxbox :
root@mysolarisbox# /usr/local/bin/ssh -v -i /.ssh/id_dsa.mysolarisbox.root bak2mysolarisbox@mylinuxbox
5. Create a cron script to do the rsync as follows:
root@mysolarisbox# vi getStatsFromMyLinuxBox.sh
/usr/local/bin/rsync –rsync-path /usr/bin/rsync -avz –delete -e "ssh -i /.ssh/id_dsa.mysolarisbox.root" bak2mysolarisbox@mylinuxbox.domain.tld:/export/ /backup/path/
root@mysolarisbox# chmod a+x getStatsFromMyLinuxBox.sh
root@mysolarisbox# crontab -e
00 16 * * * /backup/web-misc/scripts/getStatsFromMyLinuxBox.sh > /var/log/mylinuxbox_rsync_cron_log.log
Explanation of Rsync options:
–rsync-path the path to rsync on the remote machine
-avz Archive, verbose, compress
–delete Delete files locally that are not present on remote
-e Execute alternative remote shell program to use for communication between the local and remote copies of rsync
Potential Issues:
* May need to install rsync on the Solaris box:
– Go to sunfreeware.com and get the following packages:
– ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/libintl-3.4.0-sol8-sparc-local.gz
– ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/libiconv-1.11-sol8-sparc-local.gz
– ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/popt-1.14-sol8-sparc-local.gz
– ftp://ftp.sunfreeware.com/pub/freeware/sparc/8/rsync-3.0.2-sol8-sparc-local.gz
– unzip each file
– install with pkgadd -d <filename>
* The –rsync-path was essential and take quite a bit of figuring out (jonny gives dirty look to solaris)
* It may be necessary to do the following, but only if you get errors:
crle -l /lib:/usr/lib:/usr/local/lib
