rsync through multiple ssh hops with password authentication
manuellopezibanez at yahoo.es
Wed Oct 19 23:05:56 GMT 2005
Wow! Dude! This is the most comprehensive, user-friendly, nice,
knowledgeable answer I have ever received. Thanks very much! That
I understand completely that it's not rsync's job to handle ssh password
prompts, however, isn't it the first password prompt handled by rsync?
Why the other password prompts cannot be handled in a similar way? This
is jut curiosity, feel free to NOT answer if you are very busy.
Matt McCutchen wrote:
> On Wed, 2005-10-19 at 22:22 +0100, Manuel LÃ³pez-IbÃ¡Ã±ez wrote:
>>Thanks very much. However, for several reasons, I cannot apply that
>>"trick" in my case. Apart from those reasons, there is no X server on
>>middle or target at all. [...] And what should I put in $DISPLAY?
> Graphical programs find the appropriate X server on which to show their
> windows via the $DISPLAY variable. When you log into X, $DISPLAY is
> automatically set to a code for your display, often :0.0, in the
> environment of all programs started via X. Conveniently enough, X
> programs communicate with X servers through sockets and ports, and SSH
> already has code to forward ports. When SSH does "X forwarding", it
> sets up a virtual display of sorts on the remote machine and points the
> remote $DISPLAY to this display. When you run a remote graphical
> program, it reads $DISPLAY and connects to the corresponding port; SSH
> is watching this port and redirects the program to the real X server
> port on your machine.
> In short, you can just tell SSH to do X forwarding and remote graphical
> programs will show their windows on "source". You need not set $DISPLAY
> yourself, nor do you need an X server on any machine but "source".
>> Moreover, which password-prompting program
>>should I use? middle is an OpenBSD machine.
> SSH usually comes with one of these programs, and it is called
> "ssh-askpass" or similar. My system has a "gnome-ssh-askpass" and even
> sets $SSH_ASKPASS automatically to this program. Failing that, a little
> program called Zenity can be scripted to pop up simple dialog boxes; you
> might be able to find a BSD version and use "zenity --entry" as your
> $SSH_ASKPASS command.
>>Finally, I am not sure if your first paragraph means that this is
>>impossible and it won't be implemented in rsync.
> I guess an option /could/ be added to rsync to have it send some data
> across the network before it begins its protocol, but rsync's job isn't
> to handle SSH authentication; it expects to be provided with a working
> transport of some kind so that it can synchronize files. Rsync is not
> the only tool that sometimes makes SSH connections without a terminal at
> which the user can input the password, which is why there are alternate
> techniques like this one, public key authentication, and ssh-agent.
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
More information about the rsync