simple rsync in crontab without password

As others have said you can do this with passphrase-less ssh keys. This is inherently insecure and you need to take additional steps to add some security back into the process. What I do is restrict the key's use to a host and a command. I've written this up from my notes, I don't think I've missed any steps out.

The first thing to do is to generate a public key pair that will be used solely for this backup process. When prompted for a pass phrase just press enter twice.

ssh-keygen -t rsa -b 2048 -C "For Backup use only"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/root/.ssh/id_rsa): /root/.ssh/backup.id_rsa
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/backup.id_rsa.
Your public key has been saved in /root/.ssh/backup.id_rsa.pub.
The key fingerprint is:65:c0:cb:2b:9e:18:ff:b2:59:d4:b5:e8:ae:84:32:2b

Transfer the public key /root/.ssh/backup.id_rsa.pub to the remote host and add it to the /root/.ssh/authorized_keys file.

On the remote host restrict the use of the public key by adding from= and command= restrictions. Edit the /root/.ssh/authorized_keys file, locate the backup key and add the address/name of the host that will be running the cron job as well as a command to run. This command will be run when something logs in with this key e.g.

from="192.168.254.207",command="/root/checkrsync",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3N...

You can only use this key from 192.168.254.207 and you can only run the command /root/checkrsync and other functionality has been removed too.

Edit the file /root/checkrsync like this

echo $SSH_ORIGINAL_COMMAND >/tmp/rsync.cmd

save it and make it executable

chmod 700 /root/checkrsync

We'll change /root/checkrsync later once we know what $SSH_ORIGINAL_COMMAND is.

On the host where we'll be running the cron job run the rsync command interactively

/usr/bin/rsync -avz -e "/usr/bin/ssh -i /root/.ssh/backup.id_rsa" /source_folder [email protected]:/destination_folder

Don't worry about any error messages we only want to generate the /tmp/rsync.cmd file on the remote host

On the remote host make an exact note of the contents of the /tmp/rsync.cmd file (it will be something like rsync --server -vlogDtprze.iLs . /destination_folder).

On the remote host edit /root/checkrsync and change it to

if [[ "$SSH_ORIGINAL_COMMAND" == "rsync --server -vlogDtprze.iLs . /destination_folder" ]]
then
     $SSH_ORIGINAL_COMMAND
fi

where the right hand side of the if statement is what was in /tmp/rsync.cmd.

Test the setup. On the host where we'll be running the cron job run the rsync command interactively again

/usr/bin/rsync -avz -e "/usr/bin/ssh -i /root/.ssh/backup.id_rsa" /source_folder [email protected]:/destination_folder 

Now it should run correctly if it does then install it into your crontab.

crontab -e 

* 1 * * *  /usr/bin/rsync -avz -e "/usr/bin/ssh -i /root/.ssh/backup.id_rsa" /source_folder [email protected]:/destination_folder

You need to set up passphrase-less ssh key authentication.

Bear in mind security concerns when setting this up. I recommend using a host access list to restrict the source IP using the key.

Check following link for seting up SSH keys. SSh keys will help you to setup password less ssh login.

http://techtrunch.com/linux/ssh-keys

Setting up CRON:

1. Login as root

2. Open a terminal and type crontab -e, then enter following

   1 * * * * rsync -avz /source_folder 192.168.1.1:/destination_folder

Note

This will run on every hour.

For ssh without password (or rsync over ssh), you'll need a key pair without a passphrase.

You can generate your the pair (private & public key) on your source machine by ssh-keygen -t rsa (to ~/.ssh/id_rsa), then add your public key (contents of ~/.ssh/id_rsa.pub) to the destination machine to ~/.ssh/authorized_keys.

Read the whole article on cron rsync backups: https://medium.com/@deltazero/linux-remote-backup-rsync-chroot-d797ba6babe5