- Jamf Nation Community
- Products
- Jamf Pro
- RSYNC Problem
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
RSYNC Problem
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 06:02 AM
Hi All,
I'm struggling to get rsync working with my distribution points.
I've followed the instructions here https://macmule.com/2015/05/19/making-the-most-of-mac-mini-for-use-with-the-casper-suite/ to get my keys generated and added to the hosting server.
However, when i try to ssh i get the following....
MAINSERVER:~ genericadminaccount$ ssh root@compserver -v
OpenSSH_6.9p1, LibreSSL 2.1.8
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for
debug1: /etc/ssh/ssh_config line 102: Applying options for
debug1: Connecting to compserver [10.21.120.10] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/genericadminaccount/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH* compat 0x04000000
debug1: Authenticating to compserver:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:/I0b+LOzy88stJjg3DStbkB2Y0RhI9wdcKgUKcOTgr8
debug1: Host 'compserver' is known and matches the ECDSA host key.
debug1: Found key in /Users/genericadminaccount/.ssh/known_hosts:2
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,keyboard-interactive
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Miscellaneous failure (see text)
No credentials cache file found
debug1: An invalid name was supplied
unknown mech-code 0 for mech 1 2 752 43 14 2
debug1: Miscellaneous failure (see text)
unknown mech-code 0 for mech 1 3 6 1 5 5 14
debug1: Miscellaneous failure (see text)
unknown mech-code 2 for mech 1 3 6 1 4 1 311 2 2 10
debug1: An unsupported mechanism was requested
unknown mech-code 0 for mech 1 3 5 1 5 2 7
debug1: Miscellaneous failure (see text)
unknown mech-code 0 for mech 1 3 6 1 5 2 5
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/genericadminaccount/.ssh/id_rsa
debug1: Trying private key: /Users/genericadminaccount/.ssh/id_dsa
debug1: Trying private key: /Users/genericadminaccount/.ssh/id_ecdsa
debug1: Trying private key: /Users/genericadminaccount/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Password:
If i try and run the script it just seems to list the caspershare but not actually sync and the log gives no errors.
Can anyone see where this maybe going wrong as in some part of the ssh output it does seem to find the key.
Thanks
Al
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 06:44 AM
So the easiest way I was able to get that to work with a OS X or Linux Master DP and OS X or Linux DPs was by installing homebrew, and then once installed, install ssh-copy-id on the DPs. Once I installed that utility, it worked as expected.
ssh-copy-id will easily facilities the ssh keys between your master DP and other DPs. I also used this script to do the rsync:
#!/bin/sh
currentUser=$(ls -l /dev/console | awk '{ print $3 }')
sudo -u ${currentUser} rsync -avrpogz --delete -e ssh sshusername@ipaddressmasterDP:'"/Volumes/nameofmasterDPvolume/"' "/Volumes/nameofDPvolume/"Hopefully this helps.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 06:51 AM
Thanks @perrycj Might try the homebrew option but i can see the keys installed on the main DP so no idea why it's giving an error.
I'm also trying to get this to the point that it will run as a chron (sorry launchd) as we don't want to be leaving the servers logged in.
Al
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 06:55 AM
@al_platt Yes I originally ran in to the same thing but once I transferred over the ssh keys with ssh-copy-id and ran the rsync script as the user, everything worked fine.
I forgot to add I also used a launchdaemon to have the script run once every night after hours.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 07:12 AM
@perrycj Installed homebrew and exchanged keys both ways with ssh-copy-id and it's still asking for a password when connecting via ssh or when i run the script.
Same errors with -v
Too much for Friday afternoon!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 07:25 AM
@al_platt Where are you storing the ssh keys? Are they in ~/.ssh/authorized_keys on both the DP and Master DP?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 07:38 AM
@perrycj Yes they are, on both and i can verify the keys are there.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 08:22 AM
OK, seems i can ssh in if i prefix the commend with sudo
???
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 08:38 AM
@al_platt which command are you using? The one I provided above is running as sudo already but just runs it as the logged in user which should be the user that has the ssh keys in it's user directory.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-15-2016 08:54 AM
Still asking for password even with your script??!
I'll have a further play as at least i know i can get in now with sudo.
Thanks for your help so far, i may be back come monday!
