On Mon, Jan 07, 2002 at 03:03:12PM +0800, Patrick Hsieh wrote: > > - obviously this doesn't preclude a bad guy checking out > > backup-server:backups/otherhostname (use ssh keys, and invoke cmd="cd > > backups/hostname; rsync with whatever daemon options" will limit that) > Now I know how to use "command=" in ~/.ssh/authorized_keys2. > Providing I have backupserver and debianclient. > In ~/.ssh/authorized_keys2 of backupserver "command=" section, what > command should I put to automate the backup procedure between > backupserver and debianclient? I tried: > command="cd /backup; /usr/bin/rsync -av debianclient:/dirtobackup ./"
run the rsync without a command= statement, and do a ps awux | grep rsync on the target (like I already suggested). That command or something close to it will be the basis for your command="" > But when I ssh from debianclient to backupserver, it gives me a password > prompt,, so I enter the password, then rsync begins. and ? > I don't understand what "command=" means. Does it only specify what > will the server do upon ssh login? Can it specify some commands and > parameters to restrict ssh <host> <pre-specified command> ? command= on the target machine is the command that will be run when the client successfully authenticates. Try it yourself. try a command='/bin/cat /etc/motd', and then ssh target:... use an identity key of course. the ssh commandline will have no effect if a command= is present. -- Ted Deppner http://www.psyber.com/~ted/
