SUMMARY: dump

From: Lito A. Lampitoc <ral_at_codewan.com.ph>
Date: Mon Feb 18 2002 - 01:00:36 EST
Thank you for all who replied to my post.

My original question was:

Is it possible to dump a filesystem from Solaris box  to a Linux box?
from my linux box I do:

#ssh solarisbox ufsdump 0f  linuxbox:/dev/tape /remote_filesystem

but I got an error message:

 DUMP: Permission denied.
  DUMP: Cannot connect to tape host `solarisbox'
  DUMP: The ENTIRE dump is aborted.

Is it possible to dump a filesystem from Solaris box  to a Linux box?
from my linux box I do:

#ssh solarisbox ufsdump 0f  linuxbox:/dev/tape /remote_filesystem

but I got an error message:

 DUMP: Permission denied.
  DUMP: Cannot connect to tape host `solarisbox'
  DUMP: The ENTIRE dump is aborted.

the solarisbox hostname is in /etc/hosts.equiv and /etc/ssh/shosts.equiv
of my linux box. I
even add it to .hosts file.

Solution:

1.) Two problems:

(a) ufsdump uses rsh, and rsh ONLY. So the tapehost needs to be
accepting
rsh connections from the Solaris host.

(b) ufsdump relies on rmt's "S" (status) command, which is
platform-dependent.
If your tapehost has a standard Linux implementation of /etc/rmt, things

won't work. It shouldn't be too difficult to modify rmt on Linux to be
Solaris-compatible.

What people usually do is ufsdump -f - | [rs]sh tapehost dd
of=/dev/tape.

One example is:
#ssh solarisbox ufsdump 0f - /remote_filesystem | ssh linuxbox dd
of=/dev/tape

2. AUTOMATIC ROOT AUTHENTICATION VIA PUBKEY FOR OPENSSH

Introduction: As secure replacement for rsh (and other r* and telnet
commands), I have setup automatic root authentication thru RSA pubkey.
Once you are logged in a root in any of the unix machines, there is
no need to type a password when you connect to another machine. To do
this:

a) Generate a pair of RSA id keys using ssh-keygen and copy the
generated
keys to appropriate files in the /.ssh directory:

ssh-keygen -t rsa
cp id_rsa identity
cp id_rsa.pub identity.pub
cp id_rsa.pub authorized_keys

Note: Dont put any passphrase. If you want passphrase, you must activate

ssh-agent forwarding.

b) Copy all files generated above to all unix machines /.ssh directory.
This must be the last application of rcp/rsh. :)

c) Before you can proceed, you must generate a list of host-keys. This
can
be done by concatenating all /etc/ssh/ssh_host_rsa_key.pub and/or
/etc/ssh/ssh_host_d sa_key.pub together. This is tedious ! The output
goes
to /etc/ssh/ssh_known_hosts of all unix machines and must be world
readable.

d) Afterwards, 'ssh remote_machine' as root should not ask for root
passwd
anymore. Ssh has now replaced the insecure rsh and .rhosts. The latter
can now be decimated.

Note: In the sshd_config, you must have:

PermitRootLogin yes

and AllowedAuthentication must be pubkey OR passwd. There must be no
RequiredAuthentication option.

3. In your linuxbox:/root/.ssh change the name of ssh_known_hosts to
ssh_known_hosts2.

--
Lito A. Lampitoc
Foundation for Communication Initiatives                phone:+63(2)8941345
CodeWAN Project                                 http://www.codewan.com.ph
--
Things which matter most must not be in the mercy of things which
 matter least" - Goethe.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Mon Feb 18 00:11:18 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:34 EST