...
Make sure perl and rrsync
are installed on the destination host for the file transfers. You can just put rrsync
in your personal bin directory there but make sure its executable:
Code Block |
---|
MyDesktop:~ > cp rrsync ~/bin MyDesktop:~ > chmod +x ~/bin/rrsync |
Generate restricted command ssh keys on Gadi:
Code Block |
---|
[dbs900@gadi-login-07 ~]$:~/.ssh > ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/900/dbs900/.ssh/id_rsa): /home/900/dbs900/.ssh/id_rsa_file_transfer Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/900/dbs900/.ssh/id_rsa_file_transfer. Your public key has been saved in /home/900/dbs900/.ssh/id_rsa_file_transfer.pub. The key fingerprint is: .... |
Yes, that was passphrase-less - just hit return when prompted for a passphrase.
Add the id_rsa_file_transfer.pub public key to the authorized_keys file on the file transfer target host but only with a restricted command prefix:
Code Block |
---|
MyDesktop:~/.ssh > cat authorized_keys
...
from="gadi-dm*.nci.org.au,gopher*.nci.org.au,gadi*.nci.org.au",command="~/bin/rrsync /data/archive",no-port-forwarding,no-
X11-forwarding,no-agent-forwarding,no-pty,no-user-rc ssh-rsa AAAAB3N ... ynuw== dbs900@gadi-login-07.nci.org.au
... |
Things to note:
rrsync
.On Gadi use something like:
Code Block |
---|
rsync -vrlpt ./ExpDir/ -e "ssh -i $HOME/.ssh/id_rsa_file_transfer" MyDesktop.myuni.edu.au:ExpDir |
to archive a directory on Gadi to a directory on the remote system under the nominated archive directory there.