# keychain/ssh-agent problem

## slackline

Hi,

I'm working through getting rsync setup to play nicely and backup my directories to my NAS using cron but am having some problems, the first of which is that despite having ssh-agent/keychain installed and working fine between laptops it doesn't appear to use the key from my NAS after logging in, and from a terminal I have to 'ssh-agent' before I can login to my NAS without having to give a password (for either login or my RSA/DSA key).

Logging into X I have net-misc/ssh-askpass-fullscreen installed prompting me for my RSA and DSA key passwords, and after first logging in ssh-agent is up and running, but I can't just ssh without password straight to the NAS without first running ssh-agent under a Terminal (I use x11-terms/terminal udner Xfce).

Any thoughts as to what might be going on here or where to look to sort this out would be appreciated.

Cheers

slack

----------

## grimm26

I have something similar set up with a set of servers.  I just have these two lines in the ~/.bash_profile for the user doing the rsyncs across servers (on each server):

```

keychain --agents ssh ~/.ssh/id_dsa

. ~/.keychain/$HOSTNAME-sh

```

I just need to make sure that after a reboot, I login as that user to make sure keychain/ssh-agent are fired off.  

If I follow you correctly, you are firing off rsync from your laptop to sync files to your NAS box.  If that is the case, you don't even need ssh-agent/keychain on the NAS box, just a copy of your public key.  As long as you have logged into your laptop and started keychain/ssh-agent, you should be fine.  You do need to have your cron script source ~/.keychain/$HOSTNAME-sh to know how to access ssh-agent.  Maybe that's what you are missing?

----------

## slackline

 *grimm26 wrote:*   

> I have something similar set up with a set of servers.  I just have these two lines in the ~/.bash_profile for the user doing the rsyncs across servers (on each server):
> 
> ```
> 
> keychain --agents ssh ~/.ssh/id_dsa
> ...

 

I am ultimately aiming at getting fcron to schedule the rsync task, but as I couldn't get rsync to utilise the keys I'd already exchanged because ssh-agent doesn't seem to be picking up the key I thought I'd start trouble shooting that first before complicating it with rsync

I've the following in my .bash_profile

```

# Start keychain for logging into shit

/usr/bin/keychain ~/.ssh/id_rsa ~/.ssh/id_dsa

source ~/.keychain/$HOSTNAME-sh

. ~/.keychain/$HOSTNAME-sh-gpg

```

So I'll try adding in the '--agents' option when calling keychain and see if that sorts things out (I currently use net-misc/ssh-askpass-fullscreen so that I'm prompted for my RSA/DSA passwords on login).

Handy to know about sourcing ~/.keychain/HOSTNAME-sh when calling rsync, not currently doing that.

Thanks for taking the time to reply, will try a few things out over the coming days (in between working today if I can!).

slack

----------

## slackline

Ok I have progress, I should have been 'source . ~/.keychain/$HOSTNAME-sh' and should instead have had '. ~/.keychain/$HOSTNAME-sh', can now ssh seamlessly to my NAS.

Have also gone ahead and created short scripts in ~/bin/rsync.* to be called by fcron that do 'source ~/.keychain/$HOSTNAME-sh' , these look like...

```

#!/bin/bash

source ~/.keychain/$HOSTNAME-sh

rsync -av ~/pics/* readynas:~/pics/.

```

These work fine on their own and when called by fcron.

I am now a very happy gentoo-er/readynas user as I can keep things in sync   :Very Happy: 

Thank you very, very much for the pointers grimm26

----------

