==========================================
tar for ssh transport to other hosts

tar cvf ssh_bin.tar /usr/local/bin/{ssh*,scp*,slogin}
tar uvf ssh_bin.tar /usr/local/bin/{ssh-keygen*,ssh-agent*}
#tar uvf ssh_bin.tar /usr/local/bin/{ssh-add1,ssh-add,ssh-askpass*}
tar uvf ssh_bin.tar /usr/local/bin/make-ssh*
tar uvf ssh_bin.tar /etc/ssh*
tar uvf ssh_bin.tar /etc/rc2.d/{S10sshd,K10sshd} /etc/init.d/sshd
tar uvf ssh_bin.tar /usr/local/sbin/sshd*
tar uvf ssh_bin.tar /usr/local/man/man1/{ssh*,slogin*,scp*,make-ssh*} /usr/local/man/man8/{sshd.8,sshd1.8}
tar uvf ssh_bin.tar /etc/pam.d/sshd.pam
tar uvf ssh_bin.tar /usr/local/ssh-docs
gzip ssh_bin.tar

Installing on a number of machines:
==========================================
generate key

extract in root and generate a host key:
ssh-keygen -b 1024 -f /etc/ssh_host_dsa_key -N '' -t dsa;
ssh-keygen -b 1024 -f /etc/ssh_host_rsa_key -N '' -t rsa;

Add the ssh service by adding the following to /etc/services:
ssh 22/tcp # Secure Shell

Start the ssh daemon:
/etc/rc2.d/S10sshd start
------------------------------------------
ssh-keygen -b 1024 -f identity -P '' -t dsa

transfer the public key to the server
scp identity.pub kuser@[ip.of.server]:~/identity-[ip.of.client].pub
cat identity-[ip.of.client].pub >> .ssh/authorized_keys
==========================================
Running scripts over ssh

ssh-agent
==========================================
keep ssh alive

while sleep 300; do echo -en '\000'; done &
==========================================
platforms

andrew2.andrew.cmu.edu/dist/niftytelnet.html MAC
www.lysator.liu.se/~jonasw
www.cl.cam.ac.uk/~fapp2/software/java-ssh
http://www.bastille-linux.org/jay/stupid-protocols.html
==========================================
ssh, autologin

Create an ssh key (using ssh-keygen), copy the public part (the *.pub file) into the /root/.ssh/authorized_keys file on all hosts, and there you go.

If this doesn't work, things to check are:
- file permissions on /root/.ssh and /root/.ssh/authorized_keys
- "PermitRootLogin" in /etc/ssh/sshd_config is set to "without-password" or "yes"
-------------------------------
ssh copy_host "cd /saved/dir; tar cf - . | nc -l -p 2222"
cd /target; nc copy_host 2222 | tar xvf -
-------------------------------
SMTP tunneling

ssh -2 -N -f -L 13025:zima.linwin.com:25 user1@host.linwin.com 2>/dev/null

as root
ssh -L 110:mailhost:110 -l user -N mailhost
ssh -L 110:mailhost:110 -L 25:mailhost:25 -l user -N mailhost
-------------------------------
If the machine that you installed rsync on is firewalled (I hope so!), just block incoming access to TCP port 873. That's the port that the rsync daemon listens on. Also, you should be able to configure the rsync daemon to only listen on the loopback interface. Of course, port 22 for ssh will need to be open. Then, from your backup host, you'll need to log into ssh like this:

ssh -l -L 873:localhost:873

That will set up a tunnel from port 873 on your local machine to port 873 on the loopback interface of the remote machine. Then you can use rsync on your local machine to connect to its local port 873. ssh will take care of the rest and forward the connection to the remote machine for you. The command line might look like this:

rsync --delete -ravz user@localhost::BackupDir BackupDir
-------------------------------
no rsync server running on target machine

[user@hlocal ~/tmp/rsync]$ ls
[user@hlocal ~/tmp/rsync]$ rsync hremote::
rsync: failed to connect to hremote: Connection refused
rsync error: error in socket IO (code 10) at clientserver.c(83)
[user@hlocal ~/tmp/rsync]$ rsync -av --progress -e ssh user@hremote:/home/user/bin/g* .
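
The two items under "ssh, autologin" (permissions on the .ssh directory and authorized_keys, and the PermitRootLogin value) can be checked with a script. This is an added example, not part of the original notes: the function names are hypothetical, and it assumes a flat sshd_config (Match blocks and Include files are not followed) and checks only the group/other write bits that sshd's StrictModes rejects.

```shell
#!/bin/sh
# Added example, not from the original notes; all function names are hypothetical.
# Assumes a flat sshd_config (Match blocks and Include files are not followed).

perm_of() {   # octal mode of a path: GNU stat first, BSD stat as fallback
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

group_other_writable() {   # sshd's StrictModes rejects group/other write bits
    mode=$(perm_of "$1") || return 2
    [ $(( 0$mode & 022 )) -ne 0 ]
}

root_login_setting() {   # sshd keeps the first value it reads for a keyword
    awk 'tolower($1) == "permitrootlogin" { print tolower($2); exit }' "$1"
}

# check_autologin SSH_DIR SSHD_CONFIG: one finding per line, status 1 on a blocker
check_autologin() {
    ssh_dir=$1; config=$2; rc=0
    for p in "$ssh_dir" "$ssh_dir/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; rc=1
        elif group_other_writable "$p"; then
            echo "BAD_PERMS $p mode=$(perm_of "$p")"; rc=1
        else
            echo "OK $p mode=$(perm_of "$p")"
        fi
    done
    val=$(root_login_setting "$config" 2>/dev/null) || true
    case "$val" in
        # prohibit-password is the current OpenSSH name for without-password
        yes|without-password|prohibit-password) echo "OK PermitRootLogin=$val" ;;
        "") echo "UNSET PermitRootLogin (built-in default applies)" ;;
        *)  echo "BLOCKED PermitRootLogin=$val"; rc=1 ;;
    esac
    return $rc
}

# Constructed demo: a throwaway directory stands in for /root/.ssh and sshd_config.
demo=$(mktemp -d) && mkdir "$demo/.ssh" && chmod 700 "$demo/.ssh"
: > "$demo/.ssh/authorized_keys"; chmod 664 "$demo/.ssh/authorized_keys"
printf 'PermitRootLogin without-password\n' > "$demo/sshd_config"
check_autologin "$demo/.ssh" "$demo/sshd_config" || echo "=> key login would be refused"
rm -rf "$demo"
```

On a real host the call is `check_autologin /root/.ssh /etc/ssh/sshd_config`, run as root so both paths are readable.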