This is one of those topics that - despite being trite and hackneyed - often having to face and discuss in depth, especially when you start working with a new team. I refer to the procedures scp automatic synchronization between the files and / or directories on two servers, UNIX / Linux.

The logic is simple, and implementation requires less than a minute. But ... but there are many secondary factors that encourage the adoption of this approach only in specific cases. One of these is the chasm of security leading to the complete opening to anyone providing the private key. In short, it's late and risk to explain evil, we see the case and a few instructions for completing the whole.

Suppose we have two servers (A.test.com and B.test.com) and want to keep an exact copy of the directory / root / test by making a `scp` to every night from A.test.com B.test.com .

1. Generate the pair of private / public key on the local server A.test.com: 

 
 ssh-keygen-t rsa

When prompted for a password, do not enter anything in this way, the session `scp` may occur without any authentication request. If the private key falls into the wrong hands, however, the server is over. To this a solution of this type is good only on an intranet, between a main server and a backup, for example. And in any case is a solution to be adopted only for servers that are accessed by as few people as possible.

2. Copy the public key on the remote server B.test.com 

 
 scp ~ / .ssh / id_rsa.pub root@B.test.com: ~

3. Add the key copied to the remote server trusted keydel B.test.com
Access to the remote server and hang the key as follows: 

 
 cat ~ / id_rsa.pub >> ~ / .ssh / authorized_keys

In case the directory ~ / .ssh / authorized_keys does not exist, means that it has never been any generated key pair for the remote server. Run the command "ssh-keygen-t rsa". For safety, you should make sure that only the user key owner can access it: 

 
 chmod 600 ~ / .ssh / authorized_keys

4. Test access without a password A.test.com B.test.com 

 
 ssh root@B.test.com

Access is now without a request for a password.

5. Putting education scp in cron 

 
 scp-r / root / test / * root@B.test.com :/ root / test /

Look no further ...

Share this content:
  • del.icio.us
  • Google Bookmarks
  • Digg
  • Facebook
  • Technorati
  • MySpace
  • Twitter