RSYNC over SSH

Status
Not open for further replies.

eok

Cadet
Joined
Mar 12, 2014
Messages
8
I've tried to set up Rsync over SSH between two FreeNAS systems according to the chapter "6.3.2. Rsync over SSH Mode" in the FreeNAS documentation (found on doc.freenas.org). But I can't get it to work.
I've tried to follow the guide closely and I have created rsa-keys and I've managed to copy the host key of the pull system into the file known_hosts on the push system. I've also created the file authorized_keys containing the id_rsa.pub-file from PULL.
SSH is running (and working) on both systems.
When creating the rsa-keys I was logged in as Root and I set the user for the rsync task to Root.
Do I need to change any permissions for the files known_hosts or authorized_keys?
I see no trace of the Rsync task in either of the files messages or auth.log (on either system).
Any suggestions are appreciated!
/Eok
 

SmallGuy

Guru
Joined
Jun 7, 2013
Messages
560
This is what you should have in the .ssh folder of the root user:
Code:
drwx------  2 root  wheel  512 Dec  2  2013 ./
drwxr-xr-x  3 root  wheel  512 Nov 26 21:31 ../
-rw-------  1 root  wheel  781 Dec  2  2013 authorized_keys
-rw-------  1 root  wheel  1675 Dec  2  2013 id_rsa
-rw-r--r--  1 root  wheel  400 Dec  2  2013 id_rsa.pub
-rw-r--r--  1 root  wheel  981 Dec 21  2013 known_hosts

/root/.ssh directory needs to be rwx ( ./ directory above)
Try to connect directly thru the CLI from PULL with verbosity, ssh will tell you what's going wrong (in a funny/crazy language):
Code:
ssh -vvv remote_username@remote_hostname
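
An added example, not part of the original post: a POSIX shell check for the permission problems the listing above guards against. The function names are hypothetical; it flags only what OpenSSH itself rejects, so the 700/600 modes in the listing pass.

```shell
#!/bin/sh
# Added example: flag ~/.ssh modes that OpenSSH rejects.
# - sshd with StrictModes (the default) ignores authorized_keys if the file
#   or the .ssh directory is writable by group or others.
# - the ssh client refuses a private key that group or others can access.

# mode_string PATH -> 10-character ls mode field, e.g. "-rw-------"
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# check_ssh_dir DIR -> one FAIL line per finding; exit status = finding count
check_ssh_dir() {
    dir=$1
    findings=0
    for name in . authorized_keys id_rsa; do
        path="$dir/$name"
        [ -e "$path" ] || continue
        mode=$(mode_string "$path")
        group_w=$(printf '%s' "$mode" | cut -c6)
        other_w=$(printf '%s' "$mode" | cut -c9)
        group_other=$(printf '%s' "$mode" | cut -c5-10)
        if [ "$name" = id_rsa ]; then
            # Private key: no group/other bits at all (mode 600 or 400).
            if [ "$group_other" != "------" ]; then
                echo "FAIL $path ($mode): private key accessible beyond owner"
                findings=$((findings + 1))
            fi
        elif [ "$group_w" = w ] || [ "$other_w" = w ]; then
            # Directory and authorized_keys: must not be group/world-writable.
            echo "FAIL $path ($mode): writable by group or others"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}
```

Run it as `check_ssh_dir /root/.ssh` on both systems; StrictModes also checks ownership and the home directory, which this sketch does not cover.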
 

eok

Cadet
Joined
Mar 12, 2014
Messages
8
Thank you for your response. I've checked the permissions and I now have exactly what you proposed. I also tried to connect with verbosity, this is what came out (I'm missing the beginning since I don't know how to scroll in the client):

debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug2: mac_setup: found hmac-md5-etm@openssh.com
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
debug3: put_host_port: [xxx.xxx.xxx]:xxxxx
debug3: put_host_port: [xxx.xxx.xxx]:xxxxx
debug3: ssh_load_hostkeys: loading entries for host "[xxx.xxx.xxx]:xxxxx" from file "/root/.ssh/known_hosts"
debug3: ssh_load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:2
debug3: ssh_load_hostkeys: loaded 1 keys
debug3: ssh_load_hostkeys: loading entries for host "[xxx.xxx.xxx]:xxxxx" from file "/etc/ssh/ssh_known_hosts"
debug3: ssh_load_hostkeys: loaded 0 keys
debug1: Host '[xxx.xxx.xxx]:xxxxx' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x8028560d0),
debug2: key: /root/.ssh/id_dsa (0x0),
debug2: key: /root/.ssh/id_ecdsa (0x0),
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
user@xxx.xx.xx's password:

This does not tell me much. Can you get something out of this?
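
An added example, not part of the original post: a small filter that reduces an `ssh -vvv` client trace to the outcome of each public-key offer. In the trace above the client offers `/root/.ssh/id_rsa` and the server answers with the list of remaining methods instead of `Server accepts key`, so the client falls back to a password prompt. The function names are hypothetical; the sample is an excerpt of the posted trace.

```shell
#!/bin/sh
# Added example: summarise public-key attempts in `ssh -vvv` client output.
# Reads the trace on stdin. For each key the client offers, the server either
# answers "Server accepts key" or repeats the list of methods still allowed.

diagnose_ssh_debug() {
    awk '
        /^debug1: Offering .*public key: / {
            pending = $0
            sub(/^debug1: Offering .*public key: /, "", pending)
            next
        }
        /^debug1: Server accepts key/ {
            if (pending != "") print "ACCEPTED " pending
            pending = ""
            next
        }
        /^debug1: Authentications that can continue: / {
            if (pending != "") { print "REJECTED " pending; rejected++ }
            pending = ""
            next
        }
        /^debug1: Next authentication method: password/ { fallback = 1 }
        END {
            if (rejected && fallback) print "FALLBACK password"
            exit (rejected ? 1 : 0)   # non-zero when any offered key was refused
        }
    '
}

# Excerpt of the trace posted above (client side).
sample_trace() {
    cat <<'EOF'
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Next authentication method: password
EOF
}
```

A `REJECTED` line means the decision was made on the server, so the next place to look is the target account's `authorized_keys` and the server's auth log.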
 

SmallGuy

Guru
Joined
Jun 7, 2013
Messages
560
Think I see my mistake.
Can you try the same thing on PUSH?
Try to connect directly thru the CLI from PUSH with verbosity:
Code:
ssh -vvv remote_username@remote_hostname

I have been on your case, but can't exactly remember all the subtleties, and don't have the complete set-up today to be able to help you straightforwardly.
 

eok

Cadet
Joined
Mar 12, 2014
Messages
8
Thank you for your response. I figured that I should try to connect from PUSH to PULL so what I posted above is what I got when I tried to SSH from PUSH to PULL.
 

eok

Cadet
Joined
Mar 12, 2014
Messages
8
I'm now able to ssh into pull from push, but the Rsync is still not working. When I run
rsync -WhavPn /mnt/disk1 | ssh -p 45222 root@xxxxxx.xxx.xx /mnt/backup
I get Permission denied. The permissions for /mnt/backup (on Pull) are drwxrwxrwx

Any suggestions??
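
An added example, not part of the original post: in the command quoted above, the `|` hands rsync's output to a separate ssh process, which treats `/mnt/backup` as a command to run on the remote side. Rsync over SSH is normally written with ssh as rsync's transport (`-e`) and the destination as `host:path`, as below. `push_dry_run` is a hypothetical helper and `pull.example` a placeholder host; the port and paths are the ones from the post.

```shell
#!/bin/sh
# Added example: dry-run push over SSH with a key-only login check first.
# Usage: push_dry_run PORT SRC USER@HOST DEST
#   e.g. push_dry_run 45222 /mnt/disk1 root@pull.example /mnt/backup

push_dry_run() {
    port=$1
    src=$2
    target=$3
    dest=$4

    # Step 1: prove key-based login works without a prompt. BatchMode=yes
    # forbids the password fallback, so a rejected key fails here instead of
    # hanging a scheduled rsync task on a password prompt.
    if ! ssh -p "$port" -o BatchMode=yes "$target" true; then
        echo "key login to $target on port $port failed" >&2
        return 2
    fi

    # Step 2: rsync starts ssh itself (-e) and takes the remote directory as
    # a host:path argument. -n keeps this a dry run; drop it to transfer.
    # SRC without a trailing slash is created as a subdirectory of DEST.
    rsync -WhavPn -e "ssh -p $port" "$src" "$target:$dest"
}
```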
 

SmallGuy

Guru
Joined
Jun 7, 2013
Messages
560
Think owner:
- user used for rsync
- owner of the dataset/directory/files
 

eok

Cadet
Joined
Mar 12, 2014
Messages
8
I don't understand. What permissions should I set on PUSH and on PULL? Now I have the following permissions:
On PUSH
/mnt rwxr-xr-x
/mnt/disk1 rwxrwxrwx
On PULL
/mnt rwxr-xr-x
/mnt/backup rwxrwxrwx

I'm running ssh as root user on PUSH and I'm logging in as root on PULL.
 