You are viewing a plain text version of this content. The canonical link for it is here.

Posted to sysadmins@spamassassin.apache.org by "Kevin A. McGrail" <ke...@mcgrail.com> on 2017/11/14 14:59:10 UTC

Re: Is the rsync OK?

On 11/14/2017 2:26 AM, John Hardin wrote:
> On Tue, 14 Nov 2017, Jari Fredriksson wrote:
>
>> but it still asks for the password.
>
> It sounds like your SSH public/private key setup has broken. Ensure 
> that your private key is still available at your end. Try ssh to the 
> rsync box and verify that the public side is still setup properly. 
> "ssh -v" should tell you pretty quickly whether the PK cert is being 
> attempted and if so whether it's succeeding or falling back to 
> interactive password auth.
>
> It's possible that the cert algo is no longer being accepted by the 
> server. I recently (a year or so back) upgraded my ssh servers and 
> found that some of my old private keys were no longer being accepted 
> because DSA was deprecated (IIRC) and I had to generate new ones. 

Have to admit I'm confused.  Off the cuff I was wondering if something 
with the rsyncd.conf changed.  I don't think we are using certs or SSH 
and don't understand your post.

Regards,
KAM

Re: Is the rsync OK?

Posted by Jari Fredriksson <ja...@iki.fi>.


> Kevin A. McGrail <ke...@mcgrail.com> kirjoitti 14.11.2017 kello 20.19:
> 
> On 11/14/2017 1:13 PM, Jari Fredriksson wrote:
>> 
>> Prayers.
>> 
> Ommmmmmm
> 

That worked, but it is a mod for auto-mass-check.sh which has worked for ages.

br. jarif

Re: Is the rsync OK?

Posted by "Kevin A. McGrail" <ke...@mcgrail.com>.

On 11/14/2017 1:13 PM, Jari Fredriksson wrote:
>
> Prayers.
>
Ommmmmmm

Re: Is the rsync OK?

Posted by Jari Fredriksson <ja...@iki.fi>.


> Jari Fredriksson <ja...@bitwell.fi> kirjoitti 14.11.2017 kello 18.21:
> 
> 
> 
>> Kevin A. McGrail <ke...@mcgrail.com> kirjoitti 14.11.2017 kello 16.59:
>> 
>> On 11/14/2017 2:26 AM, John Hardin wrote:
>>> On Tue, 14 Nov 2017, Jari Fredriksson wrote:
>>> 
>>>> but it still asks for the password.
>>> 
>>> It sounds like your SSH public/private key setup has broken. Ensure that your private key is still available at your end. Try ssh to the rsync box and verify that the public side is still setup properly. "ssh -v" should tell you pretty quickly whether the PK cert is being attempted and if so whether it's succeeding or falling back to interactive password auth.
>>> 
>>> It's possible that the cert algo is no longer being accepted by the server. I recently (a year or so back) upgraded my ssh servers and found that some of my old private keys were no longer being accepted because DSA was deprecated (IIRC) and I had to generate new ones.
>> 
>> Have to admit I'm confused.  Off the cuff I was wondering if something with the rsyncd.conf changed.  I don't think we are using certs or SSH and don't understand your post.
>> 
>> Regards,
>> KAM
>> 
> 
> Indeed. I have no spam assassin related settings in my .ssh/config and I had no idea I was using ssh for this. But indeed, the rsync as it is runs on top of ssh…
> 
> Really strange.
> 
> br. jarif
> 

It started again. Now rsyncing my corpus to the power machine. I added the password to auto-mass-check.sh as this:

  echo $RSYNC_PASSWORD|rsync $ARGS

Prayers.

Re: Is the rsync OK?

Posted by Jari Fredriksson <ja...@bitwell.fi>.


> Kevin A. McGrail <ke...@mcgrail.com> kirjoitti 14.11.2017 kello 16.59:
> 
> On 11/14/2017 2:26 AM, John Hardin wrote:
>> On Tue, 14 Nov 2017, Jari Fredriksson wrote:
>> 
>>> but it still asks for the password.
>> 
>> It sounds like your SSH public/private key setup has broken. Ensure that your private key is still available at your end. Try ssh to the rsync box and verify that the public side is still setup properly. "ssh -v" should tell you pretty quickly whether the PK cert is being attempted and if so whether it's succeeding or falling back to interactive password auth.
>> 
>> It's possible that the cert algo is no longer being accepted by the server. I recently (a year or so back) upgraded my ssh servers and found that some of my old private keys were no longer being accepted because DSA was deprecated (IIRC) and I had to generate new ones.
> 
> Have to admit I'm confused.  Off the cuff I was wondering if something with the rsyncd.conf changed.  I don't think we are using certs or SSH and don't understand your post.
> 
> Regards,
> KAM
> 

Indeed. I have no spam assassin related settings in my .ssh/config and I had no idea I was using ssh for this. But indeed, the rsync as it is runs on top of ssh…

Really strange.

br. jarif