January 12, 201511 yr Looking for guidance on how to setup a passwordless rsync from my Raspberry Pi to a share on unRaid. I have rsync working just fine but I need to bypass the password request. Rsync will be copying files from the unRaid share to a local folder on the Pi. I've done a fair bit of Googling and read many things including generating the ssh keys but none of which have worked for me. Thanks in advance!
January 12, 201511 yr Author Hoping for a reply This is what I've done so far. 1. Created a user called pi in unraid. 2. Mapped users home directory to /boot/custom via /etc/passwd 3. Created a .ssh directory in /boot/custom with: mkdir -p ~/.ssh touch ~/.ssh/authorized_keys 4. On the pi I created the keys with blank password: ssh-keygen -t rsa 5. Copied the public key to the .ssh directory on unraid scp ~/.ssh/id_rsa.pub pi@ip_address 6. Added the contents of the public to authorized_keys cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys As I understand it, that should be it. But when ssh'ing from the pi to unraid I still get prompted for a password. From the syslog upon trying to connect: Authentication refused: bad ownership or modes for file /boot/custom/.ssh/authorized_keys Using unraid 6.b12 Thanks!
January 12, 201511 yr Not sure if this is the problem or not, but FAT32 which your flash drive is most likely formatted too. Doesn't support folder/file permissions, so that may be your problem. As ssh can be very strict with it's key permissions. When I ran into this error, I had to create a folder on the actual filesystem, using unraid's 'go' file. Then copy the key and authorized files from the /boot directory into it, and change the permissions, again inside of the go file. This is what I used (for my scenario) based from what I can remember. /boot/config/go -------------------- mkdir -p /home/ssh cp /boot/custom/ssh/* /root/.ssh // id_rsa, authorized_keys, known_hosts cp /boot/custom/sshd/* /etc/ssh // ssh_config, sshd_config chmod 700 /root/.ssh chmod 600 /root/.ssh/id_rsa
January 12, 201511 yr Author Not sure if this is the problem or not, but FAT32 which your flash drive is most likely formatted too. Doesn't support folder/file permissions, so that may be your problem. As ssh can be very strict with it's key permissions. When I ran into this error, I had to create a folder on the actual filesystem, using unraid's 'go' file. Then copy the key and authorized files from the /boot directory into it, and change the permissions, again inside of the go file. This is what I used (for my scenario) based from what I can remember. /boot/config/go -------------------- mkdir -p /home/ssh cp /boot/custom/ssh/* /root/.ssh // id_rsa, authorized_keys, known_hosts cp /boot/custom/sshd/* /etc/ssh // ssh_config, sshd_config chmod 700 /root/.ssh chmod 600 /root/.ssh/id_rsa thanks for this. I seem to be going around in circles however. I did get this to work by copying id_rsa.pub to authorized_keys on the Pi, then copied authorized keys to the unraid server and amended the permissions to 600. This was all as root which I don't want, so via the go script I added: mkdir -p $HOME/.ssh cat /boot/custom/ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys chmod 700 $HOME/.ssh chmod 600 $HOME/.ssh/authorized_keys Rebooted. No go. Asked me for the password. Beforehand syslog would show the error re permissions on connecting, now it doesn't show anything. So I then removed all that from the go script and syslog still doesn't show the errors it did previously lol. This is taking way to long lol. Any help is appreciated.
January 13, 201511 yr Author So in the end I figured out it was a permissions thing and file location thing. If I placed the authorized_keys file in /root/.ssh via the go script it wouldn't work because the file was placed in the root of root@Tower:/# ls bin/ boot/ dev/ etc/ home/ init@ lib/ lib64/ mnt/ nohup.out proc/ root/ run/ sbin/ sys/ tmp/ usr/ var/ but if it was in the root of this [coderoot@Tower:/# cd ~ root@Tower:~# ls mdcmd* powerdown@ samba@[/code] then I could connect. If I wanted to connect as a different user, in my case 'pi', it wouldn't work because the file ownership of the .ssh directory and the authorized_keys file were wrong. So in the end I added this to my go script which works fine: mkdir -p $HOME/.ssh chmod 700 $HOME/.ssh chown pi:users $HOME/.ssh cp /boot/custom/ssh/authorized_keys $HOME/.ssh chmod 600 $HOME/.ssh/authorized_keys chown pi:users $HOME/.ssh/authorized_keys
Archived
This topic is now archived and is closed to further replies.