HPE Community
Operating System - HP-UX
1753546 Members
5603 Online
108795 Solutions
New Discussion юеВ

root password was changed now rsync does not work

 
SOLVED
Go to solution
Neil Alertsen
Advisor

тАО09-14-2010 12:19 PM

тАО09-14-2010 12:19 PM

root password was changed now rsync does not work

Hello,

We changed our root password on both of our servers. Now, rsync is failing to authenticate.

I did not install the rsync software so I am not familiar with configuring it. Is the password in some file that needs updated? Will rsync need to be re-compiled?

Thank you for any help you can give me.

Neil
0 Kudos
18 REPLIES 18
James R. Ferguson
Acclaimed Contributor

тАО09-14-2010 12:29 PM

тАО09-14-2010 12:29 PM

Re: root password was changed now rsync does not work

Hi Neil:

This sounds like you have used:

--password-file=FILE

Look at your 'rsync' script parameters. If you see the above, change the password in 'FILE' appropriately.

Regards!

...JRF...
0 Kudos
Neil Alertsen
Advisor

тАО09-14-2010 01:05 PM

тАО09-14-2010 01:05 PM

Re: root password was changed now rsync does not work

Hi JRF,

Please pardon my ignorance but where would the rsync parameters be defined? Are they defined in a file or at the command line?

The command that we are attempting to run is:
/usr/local/bin/rsync -av --delete -e "ssh" /lvol2b/production/ ihcc2:/datatel/co
ll18/production >>/var/adm/syslog/rsync.log

Thank you for your lightning quick response.

Neil
0 Kudos
James R. Ferguson
Acclaimed Contributor

тАО09-14-2010 01:46 PM

тАО09-14-2010 01:46 PM

Re: root password was changed now rsync does not work

Hi (again) Neil:

OK, so you are using 'rsync' over 'ssh' and not a yukky password file. That's good. Beside the root password change (which should not have affected this) what else was changed? Perhaps did someone due a "security" adjustment based on an auditor's "mandate"?

Regards!

....JRF...
0 Kudos
Jim Walls
Trusted Contributor

тАО09-14-2010 02:12 PM

тАО09-14-2010 02:12 PM

Re: root password was changed now rsync does not work

Two things you might do:

Look for ssh errors in the remote server's /var/adm/syslog/syslog.log (or possibly local0.log). That might give you a clue.

Try modifying the rsync call as follows to get more information and post the output here.

rsync -av -e "ssh -v" ... ... ...

Placement of the second "v" between the quotes is important!

I am assuming you use default ssh keys, which is why you do not usually need to supply a password.


0 Kudos
Neil Alertsen
Advisor

тАО09-14-2010 02:45 PM

тАО09-14-2010 02:45 PM

Re: root password was changed now rsync does not work

About that same time, I disabled the root login via telnet from anywhere but the console. I also disabled the SSH port on the source box.

I just tested the "-v" option and the rsync was successful. I was required to type in the root password to make it work.

This is part of what I saw:
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /.ssh/identity
debug1: Trying private key: /.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentication succeeded (keyboard-interactive).

Any ideas?

Neil
0 Kudos
Jim Walls
Trusted Contributor

тАО09-14-2010 03:03 PM

тАО09-14-2010 03:03 PM

Re: root password was changed now rsync does not work

What else did you change? ;O)

Do you see any messages in the remote server's syslog?

Please post the output from:

ls -al ~root/.ssh

from both servers.

0 Kudos
Neil Alertsen
Advisor

тАО09-14-2010 03:10 PM

тАО09-14-2010 03:10 PM

Re: root password was changed now rsync does not work

This started between July/August. I cannot recall any other changes at this time but I'll continue to update you as I remember or find my more of my notes.

The source has:
# ls -al ~root/.ssh
total 64
drwx------ 2 root sys 8192 Jul 14 15:30 .
drwxr-xr-x 26 root root 8192 Sep 14 18:00 ..
-rw------- 1 root sys 1675 Jul 14 15:30 id_rsa
-rw------- 1 root sys 1424 Apr 29 14:53 known_hosts
#

The destination has:
# ls -al ~root/.ssh
total 64
drwx------ 2 root sys 96 Sep 15 2008 .
drwxr-xr-x 25 root root 8192 Sep 12 05:27 ..
-rw-r--r-- 1 root sys 1111 Sep 15 2008 authorized_keys
-rw------- 1 root sys 1111 Sep 10 2008 ihcc-250-rsync-key.pub
-rw------- 1 root sys 1111 Sep 10 2008 temp
#

Neil
0 Kudos
Neil Alertsen
Advisor

тАО09-14-2010 03:14 PM

тАО09-14-2010 03:14 PM

Re: root password was changed now rsync does not work

Here is the syslog errors for the failed atttmpts:

Sep 14 17:59:17 ihcc2 sshd[19351]: error: PAM: Authentication failed for root from ihcc
Sep 14 17:59:15 ihcc2 sshd[19349]: Failed password for root from 192.168.193.250
port 54141 ssh2
Sep 14 17:59:21 ihcc2 sshd[19351]: Failed keyboard-interactive/pam for root from
192.168.193.250 port 54147 ssh2
Sep 14 17:59:21 ihcc2 sshd[19351]: Failed password for root from 192.168.193.250
port 54147 ssh2
Sep 14 17:59:21 ihcc2 sshd[19351]: error: PAM: Authentication failed for root from ihcc
Sep 14 18:00:03 ihcc2 above message repeats 2 times
#

Neil
0 Kudos
Jim Walls
Trusted Contributor

тАО09-14-2010 03:22 PM

тАО09-14-2010 03:22 PM

Re: root password was changed now rsync does not work

The permissions look OK.

You haven't daid if there are any messages in the syslog.

I would expect to find something like...
Sep 15 11:16:21 svrasdf sshd[4320]: Accepted publickey for root from 10.10.10.193 port 50854 ssh2

If it worked... and summat else when it fails on the publickey; followed by acceptance of the password.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.