Обсуждение: postgres user with automate rsync and private/public key pairs
Hi here!
Centos 6.4
Postgres 9.1
I want to automate rsync backups from server1 to server2 via ssh using the postgres(linux deamon user) and a pair of private/public keys generated by ssh-keygen
I generated the keys in Server1 and copy and added id_rsa.pub to /var/lib/pgsql/.ssh/authorized_keys in Server2. all owned by postgres:postgres and chmod 700 to .ssh/ folder and chmod 600 to authorized_key file.
But when try to test it and try to access via ssh always ask for postgres password.
Same procedure works properly for others user, but not for postgres user.
postgres user is installed without password, I believed that this is the problem and I try to set a password, but the problem persists although postgres user has a password, can connect without avoid the ssh password required prompt.
At first it seems that everything is properly configured, I forget something?
Can postgres (linux user) login via ssh with private/public pair keys?
Last think ... I try to reset the postgres user as initial setup (without password) using passwd -d command but shadow file shows different blank password is not as double exclamation I don't know if it's indiferent for correct postgres work or there are some way to reset original postgres user values.
postgres::15849:0:99999:7:::
instead of:
postgres:!!:15646::::::
Thanks for your comments
2013/6/14 Daniel Vázquez <daniel2d2art@gmail.com>: > Hi here! > > Centos 6.4 > Postgres 9.1 > > I want to automate rsync backups from server1 to server2 via ssh using the > postgres(linux deamon user) and a pair of private/public keys generated by > ssh-keygen > > I generated the keys in Server1 and copy and added id_rsa.pub to > /var/lib/pgsql/.ssh/authorized_keys in Server2. all owned by > postgres:postgres and chmod 700 to .ssh/ folder and chmod 600 to > authorized_key file. > But when try to test it and try to access via ssh always ask for postgres > password. > > Same procedure works properly for others user, but not for postgres user. > postgres user is installed without password, I believed that this is the > problem and I try to set a password, but the problem persists although > postgres user has a password, can connect without avoid the ssh password > required prompt. > > At first it seems that everything is properly configured, I forget > something? > Can postgres (linux user) login via ssh with private/public pair keys? There's no reason why that shouldn't work in principle. There are a couple of potential issues related to the SSH configuration (/etc/ssh/sshd_config) I can think of: - if AllowGroups is set, the postgres user will need to be member of one of the groups defined; - if StrictModes is set to "yes", the postgres user directory should not be world-writeable (not that it should be anyway). Looking at /var/log/auth.log might provide more clues. Regards Ian Barwick > > Last think ... I try to reset the postgres user as initial setup (without > password) using passwd -d command but shadow file shows different blank > password is not as double exclamation I don't know if it's indiferent for > correct postgres work or there are some way to reset original postgres user > values. > > postgres::15849:0:99999:7::: > > instead of: > > postgres:!!:15646:::::: > > > Thanks for your comments
On Jun 14, 2013, at 5:31 AM, Ian Lawrence Barwick wrote: > Looking at /var/log/auth.log might provide more clues. as might ssh -vvv -- Scott Ribe scott_ribe@elevated-dev.com http://www.elevated-dev.com/ (303) 722-0567 voice