Rsync over SSH

[enemy85]

Hi all,
I have some troubles and questions trying to set up a rsync service over SSH in order to backup some Windows PCs on my nas but over WAN.
From what I understand reading the FreeNAS wiki:

• "a public/private key pair for the rsync user account must be generated on PUSH and the public key copied to the same user account on PULL
• to mitigate the risk of man-in-the-middle attacks, the public host key of PULL must be copied to PUSH

On my windows pc I'm using "Deltacopy Server" and I configured my freenas box as PULL.
Considering the wiki I should generate the keys on the pc but i cannot figure out how...

How can i manage to make the rsync service to work properly over SSH?
Thanks

 

[dlavigne]

This might help: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=1.

 

[enemy85]

This might help: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=1.

thank you, i'll try how is suggested there...the only things is that I was using deltacopy server on my pc in order to make the freenas box act as PULL for better manage everything.

 

[enemy85]

This might help: http://www.aboutmyip.com/AboutMyXApp/DisplayFAQ.do?fid=1.

ok, i tried to follow the instructions on the link, but unsuccessfully....
According to the link, I downloaded CYGWIN and i created the 2 sshkeys, the private one copied in DeltaCopy folder, while for the public one, the link suggest to "Copy your public key (sshkey.pub) to your Linux/UNIX machine using FTP or other similar mechanism. Your public key should be copied to $HOME/.ssh directory. Rename the file from sshkey.pub to authorized_keys. Once done you should have a file called $HOME/.ssh/authorized_keys containing your public key."
I don't think there is a folder in FreeNas where to copy this public keys, so i tried to paste it on the user i'd like to use for the rsync service, but without any success... can please anybody help to solve this problem???
Thanks

EDIT:
I copied the public key in freenas on "/etc/ssh/authorized_keys" (i created the authorized_keys folder), and I changed the sshkey.pub owner and group to the user i'd like to use for the rsync service but still nothing...

If I use RSYNC OVER SSH i get the error message

Code:

To use rsync over SSH requires a user
with a public key (DSA / ECDSA / RSA) set in the home folder.

in the rsync task tab, if I just use RSYNC MODULE, i get this error from the console

Code:

Mar  5 19:16:15 freenas rsync: ssh: connect to host XXXXXXXXXX.no-ip.org port 22: Operation timed out^M
Mar  5 19:16:15 freenas rsync: rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
Mar  5 19:16:15 freenas rsync: rsync error: unexplained error (code 255) at io.c(605) [Receiver=3.0.9]

strange thing is that i set #873 as rsync port and not #22 as reported....

 

[enemy85]

nobody? I'm keeping trying but without any success...

 

[N00b]

If I use RSYNC OVER SSH i get the error message

Code:

To use rsync over SSH requires a user
with a public key (DSA / ECDSA / RSA) set in the home folder.

If you are still facing issues: I think I can understand this. You don't seem to have added the public key to the ssh user's .ssh directory (under the user home director). Generate the user's ssh key's public key using the command :
ssh-keygen -y -f <path/to/private key>
and adding it to the ~user/.ssh/authorized_keys file.

 

[enemy85]

If you are still facing issues: I think I can understand this. You don't seem to have added the public key to the ssh user's .ssh directory (under the user home director). Generate the user's ssh key's public key using the command :
ssh-keygen -y -f <path/to/private key>
and adding it to the ~user/.ssh/authorized_keys file.

thank you for the reply,
Few question if you can answer:
1) Should i use that command from the freenas shell as root or better login from PUTTY as the user i want to use and the generate the key?
2) which is the path where the private key as to be generated and stored?
Thanks

 

[N00b]

thank you for the reply,
Few question if you can answer:
1) Should i use that command from the freenas shell as root or better login from PUTTY as the user i want to use and the generate the key?
2) which is the path where the private key as to be generated and stored?
Thanks

1) The private key has to be generate on the box from where you are logging in i.e the one running putty. The public key can be generated on this box and then copied over to the other box by logging in. This is perhaps the simplest thing to do.
2) You can also try using the ssh-copy-id file command from putty. ssh-copy-id [-i [identity_file]] [user@]machine ( I actually don't have putty to verify that for you. I use mobaxterm ). This command should automatically add the public key to the authorized_key files. I am not sure if it will actually create the .ssh folder and authorized_keys files though)
3) The private key should be on the box running PUTTY in the directory .ssh under user's home directory and should have only 400 or 600 permission (chmod 400 ~/.ssh/pvt_key). The default key name would be id_rsa or id_ecdsa if you accepted the defaults while creating private key.

 

[N00b]

Also see if this helps.

 

[enemy85]

so if i log in to my freenas box using putty from my windows laptop, i HAVE TO generate the private key from the laptop and then copy the public key on the freenas box right?
Where should be copied the public key? just added via web gui to the user or directly in some folders?

 

[N00b]

Sorry maybe I am making it more confusing that it should because I am telling you how I would do it with MobaXterm and not Puttygen. See this puttygen how-to.
1) Broady your steps should be - create private and public key on laptop.
2) Add the public key to a file 'authorized_keys' under the home (~) .ssh directory of the user you will be using. You can even do this from the web shell. cd ~user/.ssh then use 'ee authorized_keys' and paste the public key as a single line . Break will cause it to fail.
3) Try logging in using ssh user@freenas -i path/to/private/key
4) When ssh works trying using it with rsync. You may have to set up a config file under home/.ssh folder on the laptop so that all the options can be put in that. See this how-to to set up the config file .

 

[N00b]

so if i log in to my freenas box using putty from my windows laptop, i HAVE TO generate the private key from the laptop and then copy the public key on the freenas box right?
Where should be copied the public key? just added via web gui to the user or directly in some folders?

Sorry just saw this. Yes, adding it via the gui is better. It just struck me DUH! and I was editing my post. Add it to the user's option in the web gui for the user you intend using.

Is it working now?

 

[enemy85]

At work now, i'll try asap and ask you again if i'll have troubles. Thanks again for the help

 

[enemy85]

ok, started to try but having BIG troubles:

NOTE: my final goal is to set "DeltaCopy" to work properly to backup my laptop pc over ssh to my freenas box, over WAN (i settled on both the LANs a DNS service that works) but in order to do this i need to have SSH working properly. Actually I don't know if I need to have the freenas box acting as "master" and letting him "pull" datas from my pc or on the contrary set the pc as master and let him "push" the backups to the nas box.

NOTE 2: here it's written that DeltaCopy doesn't support keys generated with Putty but just the ones created with CYGWIN, so I'll use that program to generate the keys from my laptop.

The first try was to let the deltacopy client on the pc act as master and "push" the backup to the freenas box, so according to the previous link:
1) I was able to create with CYGWIN and save on my laptop both the PUBLIC and the PRIVATE key.
2) I copied the private key "sshkey" in deltacopy folder
3) I copied the public key in "$ user HOME/.ssh directory" as requested and renamed it as "authorized_keys" setting permission at 600
4) Type the following in the Additional Parameters" text box
-e "ssh -l myusername -i sshkey"

ed the result is it doesn't work

The second try was to create on the freenas box the keys and to copy the public one on the windows client but it doesn't work neither...

Actually i cannot connect SSH neither with CYGWIN or PUTTY without being asked of the password and i cannot understand why!!! :(


EDIT: after more trying and fighting, i was able to SSH connect with CYGWIN and PUTTY directly without any password insertion, but still not able to make DELTACOPY or Freenas Rsync service working...

 

[demon_devil]

Did you finally figured it out?
I got a module and the service working on my Freenas.

I can connect to it with SSH from DeltaCopy client.
The client says that it successfully copy..but..err..
It somehow make a file in the Home folder of the user with the name of the module, even tho it is not the name or directory I specified with the module.
The client name Virtual Directory of the following format ModuleName+DirectorySpecified
When it "sync" a single file, it create that file I mentioned earlier with the content of it. If it sync two files, the same file is present but the content is the of the second synced file. The first file content is gone.
If I sync a folder, it create a folder of the same wrong name and it will contain the files with the correct name.
If I add a file to sync, it will add it inside the folder...
If I delete them from my desktop and click to Restore, it fail.

So basically...doesn't respect folder, name or location. Can't Restore "backup".

edit: I was confused. I don't need a module, so I removed that. I'll post a guide once I figure out the permission issue that I just realized that I had.

 

[enemy85]

Did you finally figured it out?
I got a module and the service working on my Freenas.

I can connect to it with SSH from DeltaCopy client.
The client says that it successfully copy..but..err..
It somehow make a file in the Home folder of the user with the name of the module, even tho it is not the name or directory I specified with the module.
The client name Virtual Directory of the following format ModuleName+DirectorySpecified
When it "sync" a single file, it create that file I mentioned earlier with the content of it. If it sync two files, the same file is present but the content is the of the second synced file. The first file content is gone.
If I sync a folder, it create a folder of the same wrong name and it will contain the files with the correct name.
If I add a file to sync, it will add it inside the folder...
If I delete them from my desktop and click to Restore, it fail.

So basically...doesn't respect folder, name or location. Can't Restore "backup".

edit: I was confused. I don't need a module, so I removed that. I'll post a guide once I figure out the permission issue that I just realized that I had.

i figured it out how to make freenas connect as described in my last post here, but i don't think i can help you with your problem even because i ended up using rsync locally without ssh

 

[Fernando Quiroga]

Thanks..!! the trobleshooting was succesfull

 

[ChristianW]

Hi people!

Maybe someone can give me a hint...
I set up a few rsync task once a while ago, and all tasks run smoothly. Today I wanted to set up a new task, but get the message:

• In order to use rsync over SSH you need a user
  with a public key (DSA/ECDSA/RSA) set up in home dir.

I do have the public key in the home dir and login to the remote machine via shell works.
So where might be the issue? Anyone an idea?