[Techtalk] Incorporating ssh into a bash script
Conor Daly
conor.daly at oceanfree.net
Sun Jan 26 01:49:53 EST 2003
On Sat, Jan 25, 2003 at 08:39:52PM +0100 or so it is rumoured hereabouts,
Hamster thought:
> Daly,
>
> > Now that my back-up server is working fine, my boss
> > wants me to create a bash script that will ssh into
> > our remote database server, create a tar ball of the
> > database and copy the tar ball to the backup server.
Can I suggest rsync here? rsync works much like the cp command except
that it copies only what's changed. If you have a 2Gb database of which
20Mb changes each day, using tar -> cp will transfer the same 1.99Gb every
night while rsync will transfer only the 20Mb of changes.
> ssh can be invoked in the following manner:
>
> ssh -l root 192.168.100.1 tar - /some/directory >some.file
>
> ie, you can append the command to be run on the remote machine to the end of
> the ssh line.
>
> But in order for this to work in a shell script, you will have to set it up so
> that the remote machine doesnt ask you to login. This is achieved by setting up
> ssh to use pass-phrase-less keys for authentication.
>
> This means that instead of a username and password, the authentication is done
> by the exchange of keys.
>
> Once this is setup, you can have a shell script that includes something like
> the following (note this isnt the only way of doing it)
>
> ssh -l root 192.168.1.1 tar -c /some/dir > /root/name.of.tar
> scp root at 192.168.1.1:/root/name.of.tar /home/root
There was a brief thread here last June on "rsync with ssh using cron".
Essentially what you're going to do. In particular, there's a link to a
document by Rick Moen detailing the passphraseless rsync over ssh method.
It includes the detail of how to lock down the passphraseless key to only
this task[0] and to only your host. It's out there at:
http://linuxmafia.com/~rick/linux-info/ssh-publickey-process
As for the cron bit, it's simply a matter of:
crontab -e
add a line of the form
35 18 * * * /home/daly/rsync_database.sh
and save. That will run the script "/home/daly/rsync_database.sh" every
day at 18:35
Conor (who uses "Daly" at the _other_ end...)
[0] useful for when your private key somehow gets stolen 'cos the database
server will only run its side of the rsync transaction in response to that
key.
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
12:20am up 81 days, 9:04, 2 users, load average: 0.08, 0.02, 0.01
Hobbiton.cod.ie
12:20am up 31 days, 57 min, 5 users, load average: 0.48, 0.12, 0.04
More information about the Techtalk
mailing list