Hi,
The main trick, the smoke and mirrors of rsync over ssh, is getting the ssh
session authenticated without having to manually type in passwords. Of
course, you want your backups automated!
For a better understanding, let me describe what you need to do for a
one-way authentication with specified authentication flow, then you'll
understand how to do bi-directional authentication, should you need it.
Say you have server A that will receive/hold the backup data, then you
have server B which you need to back up. On server B, generate your ssh
keys with ssh-keygen for the user that will be authenticated for backups.
I always name my ssh keys based on the hostname so that I can have
multiple keys for differing servers exist in the same account. Make sure
that user exists on your target server A. Copy the PUBLIC(!) key generated
on server B at (default) $USERHOMEDIR/.ssh/somekey.pub to server A at
$USERHOMEDIR/.ssh/somekey.pub.
You now need two files on server A in your ~/.ssh/ directory that contain
your somekey.pub. To create these:
1) cat ~/.ssh/somekey.pub >> ~/.ssh/known_hosts (or known_hosts2 depending
upon which ssh protocol you use to authenticate)
2) cat ~/.ssh/somekey.pub >> ~/.ssh/authorized_keys (or authorized_keys2
depending upon which ssh protocol you use to authenticate)
You should be able to login to server A from server B without a password
at this point.
Switch the As and Bs around to create bi-directional authentication.
Gotchas: /etc/ssh/sshd_config, /etc/ssh/ssh_config, Firewall configs,
ipfwadm, IPchains, IPtables
If you have questions over the holidays, I should be monitoring email,
though not terribly frequently. I'd be happy to help.
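
An added example, not part of the original message: one way to script the authorized_keys step on server A so that the passwordless backup key is limited to rsync into a single directory. The function name, the backup directory argument, and the presence of rsync's rrsync helper on server A's PATH are assumptions.

```shell
#!/bin/sh
# Added example: install the copied somekey.pub on server A with restrictions.
# install_backup_key SSH_DIR PUBKEY_FILE BACKUP_ROOT
#   SSH_DIR      the backup account's .ssh directory on server A
#   PUBKEY_FILE  the public key copied over from server B
#   BACKUP_ROOT  the only directory this key may rsync into (assumed name)
install_backup_key() {
    ssh_dir=$1
    pubkey_file=$2
    backup_root=$3
    auth="$ssh_dir/authorized_keys"

    # Never append a private key: only the .pub file leaves server B.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file is a private key" >&2
        return 1
    fi
    # Expect exactly one "type base64 [comment]" line.
    [ "$(grep -c . "$pubkey_file")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }
    key_type=$(awk '{print $1}' "$pubkey_file")
    key_blob=$(awk '{print $2}' "$pubkey_file")
    case $key_type in
        ssh-ed25519|ssh-rsa|ecdsa-sha2-*) ;;
        *) echo "unexpected key type: $key_type" >&2; return 1 ;;
    esac
    # The path is embedded in a quoted option, so reject quotes and spaces.
    case $backup_root in
        *[\"\ ]*) echo "unsupported characters in $backup_root" >&2; return 1 ;;
    esac

    # With StrictModes, sshd ignores keys kept under loose permissions.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir"
    touch "$auth" && chmod 600 "$auth"

    # Idempotent: a key that is already authorized is not appended again.
    if grep -qF -- "$key_blob" "$auth"; then
        return 0
    fi
    # "restrict" turns off pty and all forwarding; the forced command
    # confines the session to rsync under BACKUP_ROOT.
    printf 'restrict,command="rrsync %s" %s\n' \
        "$backup_root" "$(cat "$pubkey_file")" >> "$auth"
}

# Usage on server A (paths are examples):
#   install_backup_key "$HOME/.ssh" "$HOME/.ssh/somekey.pub" /srv/backups/serverB
```

With this entry in place, an interactive login from server B with that key is refused, while rsync from B into the named directory still runs unattended.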