mazma Posted January 12, 2015 Share Posted January 12, 2015 Looking for guidance on how to setup a passwordless rsync from my Raspberry Pi to a share on unRaid. I have rsync working just fine but I need to bypass the password request. Rsync will be copying files from the unRaid share to a local folder on the Pi. I've done a fair bit of Googling and read many things including generating the ssh keys but none of which have worked for me. Thanks in advance! Quote Link to comment
mazma Posted January 12, 2015 Author Share Posted January 12, 2015 Hoping for a reply This is what I've done so far. 1. Created a user called pi in unraid. 2. Mapped users home directory to /boot/custom via /etc/passwd 3. Created a .ssh directory in /boot/custom with: mkdir -p ~/.ssh touch ~/.ssh/authorized_keys 4. On the pi I created the keys with blank password: ssh-keygen -t rsa 5. Copied the public key to the .ssh directory on unraid scp ~/.ssh/id_rsa.pub pi@ip_address 6. Added the contents of the public to authorized_keys cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys As I understand it, that should be it. But when ssh'ing from the pi to unraid I still get prompted for a password. From the syslog upon trying to connect: Authentication refused: bad ownership or modes for file /boot/custom/.ssh/authorized_keys Using unraid 6.b12 Thanks! Quote Link to comment
hooger Posted January 12, 2015 Share Posted January 12, 2015 Not sure if this is the problem or not, but FAT32 which your flash drive is most likely formatted too. Doesn't support folder/file permissions, so that may be your problem. As ssh can be very strict with it's key permissions. When I ran into this error, I had to create a folder on the actual filesystem, using unraid's 'go' file. Then copy the key and authorized files from the /boot directory into it, and change the permissions, again inside of the go file. This is what I used (for my scenario) based from what I can remember. /boot/config/go -------------------- mkdir -p /home/ssh cp /boot/custom/ssh/* /root/.ssh // id_rsa, authorized_keys, known_hosts cp /boot/custom/sshd/* /etc/ssh // ssh_config, sshd_config chmod 700 /root/.ssh chmod 600 /root/.ssh/id_rsa Quote Link to comment
mazma Posted January 12, 2015 Author Share Posted January 12, 2015 Not sure if this is the problem or not, but FAT32 which your flash drive is most likely formatted too. Doesn't support folder/file permissions, so that may be your problem. As ssh can be very strict with it's key permissions. When I ran into this error, I had to create a folder on the actual filesystem, using unraid's 'go' file. Then copy the key and authorized files from the /boot directory into it, and change the permissions, again inside of the go file. This is what I used (for my scenario) based from what I can remember. /boot/config/go -------------------- mkdir -p /home/ssh cp /boot/custom/ssh/* /root/.ssh // id_rsa, authorized_keys, known_hosts cp /boot/custom/sshd/* /etc/ssh // ssh_config, sshd_config chmod 700 /root/.ssh chmod 600 /root/.ssh/id_rsa thanks for this. I seem to be going around in circles however. I did get this to work by copying id_rsa.pub to authorized_keys on the Pi, then copied authorized keys to the unraid server and amended the permissions to 600. This was all as root which I don't want, so via the go script I added: mkdir -p $HOME/.ssh cat /boot/custom/ssh/id_rsa.pub >> $HOME/.ssh/authorized_keys chmod 700 $HOME/.ssh chmod 600 $HOME/.ssh/authorized_keys Rebooted. No go. Asked me for the password. Beforehand syslog would show the error re permissions on connecting, now it doesn't show anything. So I then removed all that from the go script and syslog still doesn't show the errors it did previously lol. This is taking way to long lol. Any help is appreciated. Quote Link to comment
mazma Posted January 13, 2015 Author Share Posted January 13, 2015 So in the end I figured out it was a permissions thing and file location thing. If I placed the authorized_keys file in /root/.ssh via the go script it wouldn't work because the file was placed in the root of root@Tower:/# ls bin/ boot/ dev/ etc/ home/ init@ lib/ lib64/ mnt/ nohup.out proc/ root/ run/ sbin/ sys/ tmp/ usr/ var/ but if it was in the root of this [coderoot@Tower:/# cd ~ root@Tower:~# ls mdcmd* powerdown@ samba@[/code] then I could connect. If I wanted to connect as a different user, in my case 'pi', it wouldn't work because the file ownership of the .ssh directory and the authorized_keys file were wrong. So in the end I added this to my go script which works fine: mkdir -p $HOME/.ssh chmod 700 $HOME/.ssh chown pi:users $HOME/.ssh cp /boot/custom/ssh/authorized_keys $HOME/.ssh chmod 600 $HOME/.ssh/authorized_keys chown pi:users $HOME/.ssh/authorized_keys Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.