On 8/25/06, Peter H. Coffin <[EMAIL PROTECTED]> wrote:
On Fri, Aug 25, 2006 at 10:46:59AM -0700, Greg Thomas wrote:
> On 8/25/06, Alexander Hall <[EMAIL PROTECTED]> wrote:
> >Greg Thomas wrote:
> >> I've got a little backup script piping dump to ssh to my backup server
> >> rice, and I've got my keys setup:
> >
> >> [EMAIL PROTECTED]:/home/ethant# sudo /sbin/dump -0auf - /dev/rwd0a | gzip
| \
> >>> ssh [EMAIL PROTECTED] "cat > /grits/$(date "+%Y%m%d")_root.dump.gz"
> >
> >Here you are running ssh as yourself, thereby using your own keys.
> >
> >> DUMP: Date of this level 0 dump: Fri Aug 25 00:21:08 2006
> >> ...
> >> ================================================
> >>
> >> But when I run this simple script (an almost identical copy of which
> >> is working fine on another laptop with 3.8 installed, the only
> >> difference is the path to the dump) I get prompted for my password:
> >>
> >> [EMAIL PROTECTED]:/home/ethant# cat test.sh
> >> #!/bin/sh
> >> /sbin/dump -0auf - /dev/rwd0a | gzip | \
> >> ssh [EMAIL PROTECTED] "cat > /grits/$(date "+%Y%m%d")_root.dump.gz"
> >>
> >> [EMAIL PROTECTED]:/home/ethant# sudo test.sh
> >> DUMP: Date of this level 0 dump: Fri Aug 25 00:23:42 2006
> >> ...
> >> [EMAIL PROTECTED]'s password:
> >>
> >> What am I doing wrong?
> >
> >Here you are running the entire script as root (using sudo), and
> >therefore ssh is run as root, which does not have your keys.
>
> Understood but how come the exact setup works from my system corn to
> rice ( but not grits to rice)? corn is 3.8, grits is 3.9, and rice is
> 4.0.
Check the keys. See if there's a key pair for those remote and local
user combinations that do work.
Maybe I was too verbose, from all appearances the key pair works fine
for ethant:
==================================================================
[EMAIL PROTECTED]:/home/ethant# ssh rice
Last login: Fri Aug 25 00:14:42 2006 from grits
OpenBSD 4.0-beta (GENERIC) #1083: Mon Aug 21 21:24:02 MDT 2006
Welcome to OpenBSD: The proactively secure Unix-like operating system.
Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code. With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.
[EMAIL PROTECTED]:/home/ethant#
==================================================================
It's just that when I sudo the script that I get the password prompt.
From corn to rice it works fine when I ssh interactively or I sudo the script.
From grits to rice it works fine when I ssh interactively but when I
sudo the script I'm prompted.
Same user and UID on all 3 systems, and as far as I know corn and
grits are almost identical except for the fact that one is 3.8 and the
other is 4.0.
Thanks,
Greg
