Rsync + SSH --让Server自动异地备援也加密

Rsync + SSH --让Server自动异地备援也加密
一.前言
自从911事件之后...异地备援这个名称就常听人提起...不过就是满少看到大家在讨论...刚好这次因为有需要...不得不研究这个东西...顺便看看大家都是怎样实作异地备援的...底下是个人的一点点心得...
这次主要分成三个部份...单向Trusted SSH Authorized...Rsync...Crontab....姑且不论传输速度为何...以及无时差的异地备援...相信这样的Solutions应该可以满足一般人的需求吧

二.准备
测试系统: Red Hat Linux 7.3 to Red Hat 7.3 ...
Local端需要启动Rsync...套件openssh-3.4p1-1

**假设: A (10.0.0.1)要对B (192.168.0.1)做异地备援
PS:角色定位要明确...当然您要巅倒的来做也行...

参考网站: http://www.fanqiang.com/a6/b7/20010908/1305001258_b.html

三.开始实作

1.完成单向Trusted SSH Authorized﹕
我要A (10.0.0.1)要对B (192.168.0.1)做异地备援...所以我针对A让它使用SSH连到B时...不需要输入密码...User是Root.. .SSH Version2的版本..首先要先在A(10.0.0.1)产生public/private dsa key pair..

[root@mondeo home]# cd /root/.ssh/
[root@mondeo .ssh]# ssh-keygen -d
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase): <--此处不打passphrase..下次才不会询问password
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
11:22:33:44:55:66:77:88:99:00:11:22:33:44:55:66 root@mondeo.adj.idv.tw
[root@mondeo .ssh]#

这时会在系统下看到两个档案...id_dsa与id_dsa.pub现在要把id_dsa.pub丢到192.168.0.1并且更名为authorized_keys2

[root@mondeo .ssh]# scp id_dsa.pub 192.168.0.1:/root/.ssh/authorized_keys2
root@192.168.0.1's password:
id_dsa.pub 100% |******************************************** *******************************| 612 00:00
[root@mondeo .ssh]#