You are not logged in.
Hi,
I followed the [url=https://33hops.com/xsibackup-datacenter-running-as-server-in-synology-nas.html]guide[/url] to access my Synology NAS as IP target in a XSIBackup-DC --replica job. Therefore, I started with --add-key which appeared to work fine:
[root@esxi:/vmfs/volumes/hdd/XSIBackup-DC] ./xsibackup --add-key root@nas:22
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
||| (c)XSIBackup-DC 1.5.0.3: Backup & Replication Software |||
||| (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
(c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 6 Major 7 Minor 0 Patch 0
-------------------------------------------------------------------------------------------------------------
PID: 34503796, Running job as: root
-------------------------------------------------------------------------------------------------------------
Key exchange routine
-------------------------------------------------------------------------------------------------------------
This is the routine to exchange keys with other servers
You will be prompted to enter the remote server's password
a number of times. Please do so, this is a one time operation
-------------------------------------------------------------------------------------------------------------
/!\ Remember to enable SSH out in the ESXi firewall
-------------------------------------------------------------------------------------------------------------
root@nas's password:
The remote server is of type: linux OK
-------------------------------------------------------------------------------------------------------------
Let's look for the 'authorized_keys' file there...
-------------------------------------------------------------------------------------------------------------
root@nas's password:
The /root/.ssh/authorized_keys file does not exist
Do you want to create it? (y/n): y
root@nas's password:
The file /root/.ssh/authorized_keys was created
-------------------------------------------------------------------------------------------------------------
Checking if local public key exists at remote file...
-------------------------------------------------------------------------------------------------------------
root@nas's password:
Add local public key to root@nas:22:/root/.ssh/authorized_keys?
-------------------------------------------------------------------------------------------------------------
root@nas's password:
Local public key <xsibackup_id_rsa> has been
added to root@nas:22:/root/.ssh/authorized_keys OK
-------------------------------------------------------------------------------------------------------------
Remote server successfully linked for user root
-------------------------------------------------------------------------------------------------------------
Removed host <tmp> dir OK
-------------------------------------------------------------------------------------------------------------
Removed prog <tmp> dir OK
-------------------------------------------------------------------------------------------------------------
SSH session was closed OK
-------------------------------------------------------------------------------------------------------------
Removed PID OK
-------------------------------------------------------------------------------------------------------------
Then I started my replica --action:
[root@esxi:/vmfs/volumes/nas/XSIBackup-DC] etc/jobs/099
Performing a cold backup as per the --backup-how argument.
-------------------------------------------------------------------------------------------------------------
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
||| (c)XSIBackup-DC 1.5.0.3: Backup & Replication Software |||
||| (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
(c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 6 Major 7 Minor 0 Patch 0
-------------------------------------------------------------------------------------------------------------
License: | (c)XSIBackup-DC
-------------------------------------------------------------------------------------------------------------
Server root@nas:22 is not linked by public key, use --add-key command to exchange keys, returned: root@nas: Permission denied (publickey,password).
-------------------------------------------------------------------------------------------------------------
Removed host <tmp> dir OK
-------------------------------------------------------------------------------------------------------------
Removed prog <tmp> dir OK
-------------------------------------------------------------------------------------------------------------
Unlocked backup OK
-------------------------------------------------------------------------------------------------------------
Removed PID OK
-------------------------------------------------------------------------------------------------------------
[root@esxi:/vmfs/volumes/nas/XSIBackup-DC]
When I manually log in at the Synology NAS from the ESXI server, I still need to enter my password, but ssh access to root@nas works.
xsibackup is in place at root@nas:/usr/bin.
When I re-run --add-key at the ESXI server, I cannot login any longer at root@nas. I see the key stored in /root/.ssh/authorized_keys at the Synology NAS, but I assume that something is wrong with this key, as I need to remove the key for the ESXI server therefrom to re-run --add-key successfully again.
However, I still fail to generate an authorized key that can be used for remote login from xsibackup.
Version: XSIBackup-DC 1.5.0.3
Best regards,
Peter
Offline
You will always need to enter your password, unless you tell the ssh client to use the exchanged key by using the -i option.
ssh -i xsibackup_id_rsa root@nas
Add the key and run the above code from the (c)XSIBackup-DC installation root. If you are not asked for a password, then your key exchange worked.
If the automatic login does not work either, run the command with the -vvv option to get the detail on the OpenSSH protocol conversation and the detail on why key authentication isn't working.
ssh -vvv -i xsibackup_id_rsa root@nas
When you run --add-key again after a successful key exchange, you should see a confirmation that the key is in the remote system and that key authentication is enabled.
You don't say what version of DSM you are using. Being able to use Synology as a backup device over IP depends on the DSM desing and SSH configuration options. Double check whether [b]/root/.ssh/authorized_keys[/b] is the right place to store your public keys and check whether key authentication is enabled in the [b]/etc/ssh/sshd_config[/b] file.
Offline
Thanks to your explanations I could add the keys correctly and login. But when running a replica action, I see the following result in the log file:
Performing --replica action
-------------------------------------------------------------------------------------------------------------
ash: /usr/bin: Is a directory
Item number 1 in this job
-------------------------------------------------------------------------------------------------------------
vm Hardware Version is: 14
-------------------------------------------------------------------------------------------------------------
Virtual Machine: vm
-------------------------------------------------------------------------------------------------------------
Backup start date: 2021-05-16T18:26:22
-------------------------------------------------------------------------------------------------------------
2021-05-16 18:26:22 | Backing up 17 files, total size is 10.08 GB
-------------------------------------------------------------------------------------------------------------
NUMBER FILE SIZE PROGRESS
-------------------------------------------------------------------------------------------------------------
1/17 vm.vmx 2.80 KB | Done 0.00%
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------
Removed current target dir: /volume1/backup/vm
-------------------------------------------------------------------------------------------------------------
SIGTERM (13) condition was trapped: check logs for more details
-------------------------------------------------------------------------------------------------------------
Cleaning up...
-------------------------------------------------------------------------------------------------------------
Removed host <tmp> dir OK
-------------------------------------------------------------------------------------------------------------
The error log does not provide additional output.
Offline
Ah, probably --remote-path does not only require the directory to xsibackup, but the full path?
--remote-path=/usr/bin/xsibackup did the trick, with xsibackup binary stored in /usr/bin.
Offline
You didn't say whether you were able to exchange keys correctly, nor what was causing your previous issue.
You aren't providing the jobs that produced the output you are posting, which makes almost impossible to offer some clue.
You don't need to pass the --remote-path argument, /bin and /usr/bin (which is usually just a hardlink to the former) are sought by default.
Offline
The --remote-path=/usr/bin/xsibackup is just a reminder for me so that I do not forget to update xsibackup in the NAS upon performing an update of xsibackup on the ESXi host. Or is there a mechanism that prevents one from using different xsibackup versions between client and server?
Offline
The server component is updated automatically on every run.
Offline