Re: Problems getting rsync over SSH without password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

2009/10/21 Rick Stevens <ricks@xxxxxxxx>:
> Aaron Gray wrote:
>>
>> 2009/10/21 Rick Stevens <ricks@xxxxxxxx>:
>>>
>>> Aaron Gray wrote:
>>>>
>>>> Hi,
>>>>
>>>> I have two old servers with one mirroring the other using RSYNC over
>>>> SSH. I did this some time ago.
>>>>
>>>> Now coming to replace these servers with two new F11 ones I cannot
>>>> seem to get the it to work without supplying passwords.
>>>>
>>>> I followed my instructions I wrote at the time for RSYNC over SSH, but
>>>> it still asks for a password even though AFAICS I have set up the
>>>> certificates correctly.
>>>>
>>>> Any help or suggestions welcome,
>>>
>>> Make sure that the user's .ssh directory has the correct SELinux contexts
>>> as
>>> well as correct permissions:
>>>
>>> $ ls -lZd .ssh
>>> drwx------. rick rick system_u:object_r:home_ssh_t:s0  .ssh
>>> $ ls -lZ .ssh
>>> -rw-------. rick rick system_u:object_r:home_ssh_t:s0  authorized_keys
>>> -rw-------. rick rick system_u:object_r:home_ssh_t:s0  id_dsa
>>> -rw-r--r--. rick rick system_u:object_r:home_ssh_t:s0  id_dsa.keystore
>>> -rw-r--r--. rick rick system_u:object_r:home_ssh_t:s0  id_dsa.pub
>>> -rw-r--r--. rick rick system_u:object_r:home_ssh_t:s0  known_hosts
>>
>> Okay, my F11 instillation did not have a .ssh directory, so I am getting
>> :-
>>
>> [root@yyy ~]# ls -lZd .ssh
>> drwx------. root root unconfined_u:object_r:admin_home_t:s0 .ssh
>> [root@yyy ~]# ls -lZ .ssh
>> -rw-r-----. root root unconfined_u:object_r:admin_home_t:s0
>> authorized_keys
>> -rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0
>> datacomms-net-key.pub
>> -rw-r--r--. root root unconfined_u:object_r:admin_home_t:s0 known_hosts
>>
>> How do I go about changing the unconfined_u's to system_u ?
>
> As root:
>
>    # chcon -v -u system_u /path/to/userhome/.ssh/*
>
> You can also try (as root):
>
>    # restorecon -v -R /path/to/userhome/.ssh

Thanks Rick, the 'restorecon' done it nicely :)

RSYNC seems to be working without a password now !

thanks alot,

Aaron

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux