How to automate rsync without asking for password prompt

Question

I would like to automate the rsync task as a cron job. Since it needs the passphrase I am not able to do the cronjob. I need to specify the passphrase along with the rsync command or I will store the passphrase in a file and I will read from it. My command will look like this:

rsync -aPe "ssh -i ' . $server->{'ssh_key'} . '" ' . $server_lock_dir;

So where do I put the password ?

Paul R · Answer 1 · 2018-03-06T09:10:14.167

15

You don't need to do that - just need to set up a pair of ssh keys and put the public key in the remote system's .ssh directory.

Then you just do this:

rsync -a -e ssh /local/path/ server:/remote/path/

(Note that -e ssh has been the default for quite a few years now, so you can probably omit it, unless you're using a very old version.)

There's a "how to" guide on setting up the keys here.

edited Mar 06 '18 at 09:10

answered Apr 21 '10 at 09:50

Paul R

208,748
37
389
560

1

The OP mentions the use of a sshkey with a passphrase. How does this solve the passphrase input? – ricosrealm Jan 31 '13 at 05:33
Most guides recommend creating the keys without a passphrase. – SDsolar Mar 06 '18 at 00:31
Watch out: if you run your command with `sudo` it will prompt for a password even with an SSH key pair. – totymedli Mar 01 '19 at 02:51

score 6 · Answer 2 · answered Apr 07 '11 at 02:48

If you want this to work from cron, you have several possibilities:

setup password-less ssh keys - not very secure
setup password-less ssh keys, but combine them with ssh ForceCommand in the authorized_keys file to limit the commands that can be run with that ssh key. See man sshd, google on "ssh ForceCommand"
setup passworded ssh keys, but combine them with keychain to keep the key in memory between sessions. I've written a blog post on this: ssh, ssh-agent, keychain and cron notes

score 4 · Answer 3 · edited Feb 20 '16 at 10:11

If you want to copy files remotely:

Make sure you have a public key on your local machine that can log into the remote machine.(in this case the my ssh-key is "/home/myaccount/.ssh/id_rsa"
Specify local folder you want to sync with the remote, in my case "/home/myaccount/mysourcefolder"
Specify the destination folder full path in the remote server, in my case remoteaccount@remoteserver:"/home/remoteaccount/mydestinationfolder/"

Note:

--progress is to show progress for each file being copied
-a to transfer recusively all files in the mysourcefolder
-v for verbosity
-z to compress data portions for small files

My command will look like below:

rsync -avz --progress -e "ssh -i /home/myaccount/.ssh/id_rsa" /home/myaccount/mysourcefolder remoteaccount@remoteserver:"/home/remoteaccount/mydestinationfolder/"

How exactly did you create "/home/myaccount/.ssh/id_rsa" and what is written in there? Is it the password for the remote server in plaintext (without encryption)? I don't want other users of my computer (including the admin) to be able to read my password. — mcExchange, Dec 22 '15 at 13:51

How to automate rsync without asking for password prompt

3 Answers3