Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setting Up Google 2F Authentication for Automated (Crontab) rsync
Operating Systems Linux Setting Up Google 2F Authentication for Automated (Crontab) rsync Post 303038370 by Neo on Sunday 1st of September 2019 04:15:29 AM
Old 09-01-2019
Setting Up Google 2F Authentication for Automated (Crontab) rsync
Dear All,

I have Google Two Factor (2F) Authentication enabled for sshd on most of my Linux servers. This works well and I highly recommend it.

My question is:

Has anyone set this up for rsync which runs in a crontab?

For example, supposed we have this simple crontab script:

Code:
/usr/bin/rsync -qpavzh --rsh="/usr/bin/sshpass -f '/var/local/.secure' ssh -o StrictHostKeyChecking=no -l user" user@myserver.com:/var/data/dumps/ /var/data/dumps/

This works fine, of course, when syncing some backup files across the net without 2FA; but I want to do the same thing using Google Authenticator for 2FA.

Has anyone set this up on any of their servers?

Thanks.
This User Gave Thanks to Neo For This Post:
RavinderSingh13
 

9 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Setting crontab

Hey all, I would like to know how to set a cron job to run from 8:15 am to 4:00 pm? Or do I have to do this in 2 seperates cron? Thanks! (4 Replies)
Discussion started by: mpang_
4 Replies

2. Linux

Setting up crontab, still cant get it to work

OK I have been working on this simple action for a while and I cannot get it to work. First off im new to the linux command line world. I feel like I am missing something simple. What I am trying to achieve is that I want this command: tcpdump -s2000 -w'flowroute-%H%M.pcap' -G900 -W36 &to... (13 Replies)
Discussion started by: Nasasdge
13 Replies

3. Shell Programming and Scripting

Crontab setting error

Hi All, I have created crontab using following steps- 1) crontab -e (edited the file with) 0 10 * * 1-5 /home/user01/exercise/cron.sh 2) then saved this file with :wq 3) cron.sh contains the code- #!/bin/bash DAY=`date +%a` mkdir abc_${DAY} 4) done the execut permision... (3 Replies)
Discussion started by: pspriyanka
3 Replies

4. UNIX for Dummies Questions & Answers

Need some help on setting up rsync

I need to "sync" a directory from a prod server to a test server. Rsync is working but it prompts for a password and I'd like to automate the process. The directory on the prod/source server is owned by root, and some subdirectories are only readable by root. On the test/destination servers, I can... (1 Reply)
Discussion started by: LAToro
1 Replies

5. UNIX for Advanced & Expert Users

Error while running Rsync through Crontab

hi All, i have implemented Rsync in my source and destination server. while running through command prompt it is working fine: ksh rsync_bravo_db.ksh usa0300uz1252.apps.mc.xerox.com /uv1402/u207/home/bravodba/bin/rsync-3.0.9/config/mrsx_rsync.cfg but later on i created a another ksh and... (4 Replies)
Discussion started by: lovelysethii
4 Replies

6. UNIX for Dummies Questions & Answers

Crontab setting

Hi Team, Please help me to set one script in crontab. I have one script and inside script, its creating one log file for saving ouptut of script. i have to out that script in crontab. When i put the script in cronatab, it executed and log file created but no data in log. like this i put in... (3 Replies)
Discussion started by: shivshankar
3 Replies

7. Linux

Trouble setting up basic user authentication on apache2 web server

Hey guys! So I decided to set up some basic user authentication on my apache2 server, and I am running into some problems. I followed the documentation provided by apache on their website, but I cant create the password file for some reason. I did a little trouble shooting myself, and found... (40 Replies)
Discussion started by: LinuxIntern445
40 Replies

8. Shell Programming and Scripting

Crontab setting

Hi All, Can anyone tell me how to schedule the dbshell.sh script to run on sunday. I have scheduled as 1 19 7 * * /home/svr/dbshell.sh. kindly confirm confirm whether coded "7" or it should set to '0'. unix:$ crontab -l 0 19 6 * * /home/svr/dbemail.sh 1 19 7 * * /home/svr/dbshell.sh (2 Replies)
Discussion started by: arun888
2 Replies

9. UNIX for Advanced & Expert Users

Crontab authentication failure

Dear all, I noticed in syslog that i receive authentication failure from cron: Mar 11 23:19:01 s1 CRON28789]: Authentication failure Mar 11 23:19:01 s1 cron: Authentication failure Mar 11 23:19:01 s1 cron: Authentication failure Mar 11 23:19:01 s1 CRON: Authentication failure Mar 11... (3 Replies)
Discussion started by: mydove
3 Replies

LEARN ABOUT CENTOS

pam_ssh_agent_auth

pam_ssh_agent_auth(8)							PAM						     pam_ssh_agent_auth(8)

PAM_SSH_AGENT_AUTH
       This module provides authentication via ssh-agent.  If an ssh-agent listening at SSH_AUTH_SOCK can successfully authenticate that it has
       the secret key for a public key in the specified file, authentication is granted, otherwise authentication fails.

SUMMARY

       /etc/pam.d/sudo: auth	sufficient     pam_ssh_agent_auth.so file=/etc/security/authorized_keys
       /etc/sudoers:
	    Defaults	env_keep += "SSH_AUTH_SOCK"

       This configuration would permit anyone who has an SSH_AUTH_SOCK that manages the private key matching a public key in
       /etc/security/authorized_keys to execute sudo without having to enter a password. Note that the ssh-agent listening to SSH_AUTH_SOCK can
       either be local, or forwarded.

       Unlike NOPASSWD, this still requires an authentication, it's just that the authentication is provided by ssh-agent, and not password entry.

ARGUMENTS

       file=<path to authorized_keys>
	   Specify the path to the authorized_keys file(s) you would like to use for authentication. Subject to tilde and % EXPANSIONS (below)

       allow_user_owned_authorized_keys_file
	   A flag which enables authorized_keys files to be owned by the invoking user, instead of root. This flag is enabled automatically
	   whenever the expansions %h or ~ are used.

       debug
	   A flag which enables verbose logging

       sudo_service_name=<service name you compiled sudo to use>
	   (when compiled with --enable-sudo-hack)

	   Specify the service name to use to identify the service "sudo". When the PAM_SERVICE identifier matches this string, and if PAM_RUSER
	   is not set, pam_ssh_agent_auth will attempt to identify the calling user from the environment variable SUDO_USER.

	   This defaults to "sudo".

EXPANSIONS

       ~  -- same as in shells, a user's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file if used in the context of ~/. If used as ~user/, it would expect the file
	   to be owned by 'user', unless you explicitely set allow_user_owned_authorized_keys_file

       %h -- User's Home directory
	   Automatically enables allow_user_owned_authorized_keys_file

       %H -- The short-hostname
       %u -- Username
       %f -- FQDN

EXAMPLES

       in /etc/pam.d/sudo

       "auth sufficient pam_ssh_agent_auth.so file=~/.ssh/authorized_keys"
	   The default .ssh/authorized_keys file in a user's home-directory

       "auth sufficient pam_ssh_agent_auth.so file=%h/.ssh/authorized_keys"
	   Same as above.

       "auth sufficient pam_ssh_agent_auth.so file=~fred/.ssh/authorized_keys"
	   If the home-directory of user 'fred' was /home/fred, this would expand to /home/fred/.ssh/authorized_keys.  In this case, we have not
	   specified allow_user_owned_authorized_keys_file, so this file must be owned by 'fred'.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%H/%u/authorized_keys allow_user_owned_authorized_keys_file"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar/fred/authorized_keys.	In this case, we specified
	   allow_user_owned_authorized_keys_file, so fred would be able to manage that authorized_keys file himself.

       "auth sufficient pam_ssh_agent_auth.so file=/secure/%f/%u/authorized_keys"
	   On a host named foobar.baz.com, and a user named fred, would expand to /secure/foobar.baz.com/fred/authorized_keys.	In this case, we
	   have not specified allow_user_owned_authorized_keys_file, so this file must be owned by root.

v0.8								    2009-08-09						     pam_ssh_agent_auth(8)
All times are GMT -4. The time now is 06:31 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy