Operating System: Debian GNU/Linux 10
KDE Plasma Version: 5.14.5
Qt Version: 5.11.3
KDE Frameworks Version: 5.54.0
Kernel Version: 4.19.0-16-amd64
OS Type: 64-bit
Processors: 4 × AMD FX(tm)-4350 Quad-Core Processor
Memory: 15.6 GiB of RAM
I have been trying to setup passwordless SSH for a Backuppc system. I have three Debian 10 systems (including the server) . SSH sets up fine on one of the client machine and "ssh backuppc@192.168.254.xx starts without asking for a password. The other machine (supposedly identical) not only asks for a password but will not accept any of the known passwords. If I go to the offending machine and attempt to su to the backuppc user , I am asked for a password and no passwords work. This doesn't allow the use of ssh-copy-id for transfering the encryption key to that machine. I have tried to reset the backuppc password three times but did not solve the problem. In both systems the public key is stored in /var/lib/backuppc/.ssh as id_rsa.pub.
I also have a Windoz 7 laptop that I want to include and have managed to get ssh and rsync installed (what a mess that was). I have not tried to get passwordless access to that yet. For later.
Any insights?
Gary R.
The servers that are being backed up do not have a
backuppc user. They need to have root access to access all the
files you may need to backup. These commands will get the
proper root access on each server being backed up from the
backuppc server and backuppc user.
You didn't say whether the working password less ssh was working on the host (backuppc machine) or not. So I will give you general instructions here. Some commands will need root access on the backuppc server to run.
THESE COMMANDS WILL BE RUN ON THE BACKUPPC SERVER
FOR EACH MACHINE TO BACKUP.
First make sure you can login to the backuppc user. Look at your passwd file in /etc. It will have an entry for backuppc ... it should have a user home directory and user command interpreter listed. Look at your own entry to see how the entries are formatted or look at "man 5 passwd". The directory should be the backuppc base directory /var/lib/backuppc and command interpreter /bin/bash. Create a password for the backuppc user (as root) with "passwd backuppc". Now login to the backuppc user with that password (or just "su - backuppc" from root).
Now follow the instructions at:
https://linuxize.com/post/how-to-setup-passwordless-ssh-login/
You will need to follow those instructions for each linux server you want to backup. The .ssh directory will be under the directory listed in the passwd file (/var/lib/backuppc). DO NOT USE A PASSWORD TO create the key pair files! They should go into the /var/lib/backuppc/.ssh directory (only do this ONCE!). In step 03. the username should be root@ip-address (you will need root access on that machine to backup all files from the backuppc user on the backuppc server). In step 04 you should be able to "ssh root@ip-address" without a password.
THESE COMMANDS ARE RUN ON EACH SERVER TO BE BACKED
UP.
If yyou can't "ssh root@ip-address" without a password you may also need the line
"PermitRootLogin yes"
in the /etc/ssh/sshd_config file on each server
to be backed up.
If you want to you can follow the instructions at
"Disabling SSH Password Authentication". Be very careful to
follow the instructions closely. These are not needed to get
backuppc running! You will need to be able to sudo into root
from an unprivileged user to get root access so be VERY careful
to follow the instructions.
...Bob