The scripts run various commands on the production machine using a remote shell
such as rsh. Depending on the method you choose for running rsync, a
remote shell might also be used by rsync itself to start a remote server and
establish a connection with it. If your production machine runs one of the
Windows flavors, the notes below describe how to set up Cygwin
to make this work. There may be better or alternative ways to do the same, so
refer to the Cygwin documentation for more information.
- Install Cygwin. Make sure you choose the basic packages (the minimum
  recommended set, which is selected automatically), and additionally at least
  the OpenSSH package.
- Once the setup is done, do the following steps:
  - Generate the /etc/passwd file:
      mkpasswd -l -d > /etc/passwd
  - Generate the /etc/group file:
      mkgroup -l -d > /etc/group
  - Make sure the home directory for the user is set up properly:
      mkdir -p c:/home/<username>
      mount c:/home /home
  - Make sure you have a c:/tmp directory and mount it as /tmp:
      mkdir -p c:/tmp
      mount -s -b -f c:/tmp /tmp
  - Optionally set your "User Environmental Variable" HOME to c:/home/<username>
- To set up ssh:
  - On the production machine:
    - Execute the "ssh-host-config" command. Choose defaults or "yes" for all
      the prompts.
    - Turn on the "PermitUserEnvironment" option in the /etc/sshd_config file.
    - Start the sshd service.
  - On the backup machine, execute the "ssh-user-config" command (while logged
    in as the user that is interested in using the ssh client). Choose defaults
    or "yes" for all the prompts. Optionally you can give a passphrase when
    prompted, but note that setting a passphrase, though recommended, will make
    running the scripts as a Windows service or Unix daemon extremely
    difficult, because the service/daemon will not be able to prompt you for
    the passphrase, and the usual ssh-agent method is not practical to set up
    during system startup.
  - Check that the keys have been generated in your $HOME/.ssh directory.
  - Add the $HOME/.ssh/id_rsa.pub key from the client to
    $HOME/.ssh/authorized_keys on the server.
  - Now try logging into the server using ssh. You should get a prompt to
    accept an unknown server, and then be able to log in.
  - Refer to the articles http://www.securityfocus.com/infocus/1810 and
    http://www.securityfocus.com/infocus/1812 for additional information on
    setting up and using ssh (such as ssh-agent) and other notes on securing
    files.
- To set up rsh:
  - Set up the "inetd" daemon. The inetd daemon by default has several
    Unix-style services enabled, including rsh. Run the following command,
    which installs a service named "inetd":
      /usr/sbin/inetd --install-as-service
  - Start the service using the command:
      net start inetd
  - Modify the $HOME/.rhosts file on the production machine (create it if it
    doesn't exist) and add an entry of the form shown below. This disables the
    password prompt and enables automatic logins, so that the scripts can run
    non-interactively.
      <backup machine name> <user name>
  - Try connecting to this machine remotely using rsh. You shouldn't be
    prompted for a password.
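
For the ssh step above that adds $HOME/.ssh/id_rsa.pub from the backup machine to $HOME/.ssh/authorized_keys on the production machine, the following is an added example (not part of the original instructions): a shell function that appends the key only once, sets the modes sshd expects, and optionally restricts the key to the backup host. The function names, the sample key and the host name "backuphost" are assumptions.

```shell
# Added example (not from the original page); names are hypothetical.
# install_pubkey PUBKEY_FILE HOME_DIR [FROM_HOST]
install_pubkey() {
    pub_file=$1; home_dir=$2; from_host=${3:-}
    ssh_dir=$home_dir/.ssh
    auth=$ssh_dir/authorized_keys

    # A .pub file holds one line: "type base64-blob [comment]".
    key_line=$(grep -v '^[[:space:]]*$' "$pub_file" | head -n 1)
    key_type=$(printf '%s\n' "$key_line" | awk '{print $1}')
    key_blob=$(printf '%s\n' "$key_line" | awk '{print $2}')
    case $key_type in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-*) ;;
        *) echo "not a public key: $pub_file" >&2; return 1 ;;
    esac
    [ -n "$key_blob" ] || { echo "no key data: $pub_file" >&2; return 1; }

    # sshd's StrictModes (default yes) ignores keys kept in files or
    # directories that other users can write to.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Idempotent: do nothing if this key blob is already listed.
    if grep -qF -- "$key_blob" "$auth"; then return 0; fi

    opts=
    if [ -n "$from_host" ]; then
        # Assumption: the unattended key only needs to run commands and rsync
        # from the backup machine, so pin the source and disable forwarding.
        opts="from=\"$from_host\",no-agent-forwarding,no-port-forwarding,no-X11-forwarding "
    fi
    printf '%s%s\n' "$opts" "$key_line" >> "$auth"
}

# Constructed sample run in a scratch directory (the key material is not real).
demo_install() {
    d=$(mktemp -d) || return 1
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTED backup@backuphost' > "$d/id_rsa.pub"
    # The second call finds the key already present and appends nothing.
    install_pubkey "$d/id_rsa.pub" "$d/home" backuphost &&
        install_pubkey "$d/id_rsa.pub" "$d/home" backuphost &&
        cat "$d/home/.ssh/authorized_keys"
    rm -rf "$d"
}
demo_install
```

On the production machine the call would be install_pubkey with the copied id_rsa.pub, the user's home directory and the backup machine's name; omit the third argument to add the key without restrictions.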