I have two Solaris 11.0 machines - a server (NAS) and a backup machine. I have a script on NAS that creates a new ZFS snapshot and sends it to backup over SSH. The script is executed every day using CRON.
The snapshot gets created successfully. When trying to send it over to backup, however, using the following command: sudo zfs send -i $first $second | ssh $bs_username@$bs_host sudo /usr/sbin/zfs receive -F backup/$1;
I sometimes get the following error message: Permission denied (gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive).
The error is probably related to the SSH connection, as the following command fails as well: ssh $bs_username@$bs_host sudo /usr/bin/pfexec /usr/sbin/init 5
Note that the backup process sometimes succeeds, sometimes fails. It has never yet succeeded when launched by CRON (possibly an issue with permissions to launch the script?), but it has both failed and succeeded when running manually.
On the backup machine, permissions to sudo without providing a password (for pfexec and zfs at least) was given to the $bs_username user account.
If you'll find that I have omitted some important details, please let me know.
Thank you for any advice.
So, it seems like that when running via CRON (or with sudo), it looks for the public key in the root home directory.
How would I have CRON execute the script as a custom user, say rychnd?
Thanks for your help
You'll also need to disable escape characters for the SSH session:
ssh -e none ....
If you don't do that, when the SSH process detects the binary data corresponding to the escape character (default is "~"), that character and the next character(s) will not be considered part of the data stream.