在 Ubuntu Mate 18.04.2 上,使用远程 sudo 的 rsync 失败,导致 ssh 失败
rsync 版本 3.1.2 协议版本 31 - 本地和远程相同
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3,OpenSSL 1.0.2n 2017 年 12 月 7 日 - 本地和远程相同
我已经使用以下方法检查了 .bashrc 中的虚假输出
$ ssh user@host /bin/true > out.dat
结果是
$ ls -l *.dat -rw-rw-r-- 1 user user 0 May 22 23:33 out.dat
-- [删除] 命令是
rsync -AEavvvogt --rsync-path="sudo rsync" --debug=CONNECT -e "ssh -i /home/xxx/.ssh/id_rsa -tt -v -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" --exclude-from=/home/xxx/backup.exclude --delete --link-dest=../$lastdt /etc $dest/$dt
-- [删除] 输出是
opening connection using: ssh -i /home/user/.ssh/id_rsa -tt -v -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -l user xxx "sudo rsync" --server -vvvlogDtpAre.iLsfxC --delete --link-dest ../20190506_021137 . /home/backups/xxx/20190522_232738 (20 args)
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to xxx [192.168.1.120] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/user/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to xxx:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: <email address hidden> MAC: <implicit> compression: none
debug1: kex: client->server cipher: <email address hidden> MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: xxx
Warning: Permanently added 'xxx,192.168.1.120' (ECDSA) to the list of known hosts.
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:xxx /home/user/.ssh/id_rsa
debug1: Server accepts key: xxx
debug1: Authentication succeeded (publickey).
Authenticated to xxx ([192.168.1.120]:22).
debug1: channel 0: new [client-session]
debug1: Requesting <email address hidden>
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype <email address hidden> want_reply 0
debug1: tty_make_modes: no fd or tio
debug1: Sending environment.
debug1: Sending env LANG = en_GB.UTF-8
debug1: Sending command: sudo rsync --server -vvvlogDtpAre.iLsfxC --delete --link-dest ../20190506_021137 . /home/backups/xxx/20190522_232738
protocol version mismatch -- is your shell clean?
(see the rsync man page for an explanation)
rsync error: protocol incompatibility (code 2) at compat.c(178) [sender=3.1.2]
[sender] _exit_cleanup(code=2, file=compat.c, line=178): about to call exit(2)
/etc/sudoers 包含
user ALL= NOPASSWD:/usr/bin/rsync
...我尝试将其放置在以 %admin 和 %sudo 开头的行上方(默认)和下方,而“ALL= NOPASSWD...”中的空格似乎没有任何区别
我按照以下说明进行操作
https://www.digitalocean.com/community/tutorials/how-to-copy-files-with-rsync-over-ssh
...它在 16.04 上运行良好,所以我想知道是否可能存在错误,尽管感谢任何其他建议,因为我不确定如何进一步调试/调查。
答案1
该问题似乎是由-tt
ssh 选项引起的,我从某处了解到该选项是另一个错误的潜在解决方案。
在我的脚本中更正了远程路径错误后,当-tt
从 ssh 选项中删除时,它可以按预期工作。