Tramite rsync e' mirrorato il sito http://brallo.mine.nu sul sito con maggior banda http://www.meteobrallo.com/mirror. Il mirror e' schedultato ogni ora ed effettuato tramite demone di wview. Per poter rendere operativa questa funzionalita' il sito remoto (meteobrallo) deve essere una macchina linux con attivo rsync e l'utente deve avere accesso in ssh. Basta seguire passo passo le istruzioni presenti sul sito di wview per far funzionare la cosa:
14. Secure File Transfer (rsync/ssh)
14.1 Overview
A new wview daemon has been added to support secure file transfers to remote servers: wviewsshd. It is enabled or disabled in the same way that the wviewftpd and wvalarmd daemons are - by the presence or absence of the respective config files. All three of these utility daemons are disabled in the standard distribution because the config file names are all appended with "-no-[function]", i.e. "wviewssh.conf-no-ssh". The secure updates are performed using rsync over an ssh session. To work properly, the wview server must be able to login and/or execute commands on the destination server via ssh WITHOUT entering a password. This is accomplished by copying the wview server's root account shared ssh key to the remote server's login account. Suggestion: Don't mix hostname with IP address for the remote server during the configuration below. Decide NOW whether you are going to use a hostname or an IP address, and use it consistently for all references to [remote_host] below. ssh does make a distinction when storing and verifying shared keys. Placeholders: [remote_host] - the host we want to update [ssh_login_user] - the user account name on the [remote_host] we want to use for the ssh logins [remote_test_dir] - remote directory to receive files, relative to the [ssh_login_user] login home directory *[ssh_login_user] must have write access to this directory* [wview_server] - the wview host Note: I have included prompts of the form "username@host:# " to help clarify what is being executed on what host. Your actual shell prompts may be different, this is only for clarity in this procedure. Note: This procedure assumes compatible versions of ssh - version 1 and version 2 of openssh have compatability problems as well as with ssh.com versions 1 and 2. If you are having problems with the setup, I strongly suggest going to the following URL for advanced help: http://www.cs.berkeley.edu/~dtliu/sshinterop.html.
14.2 Prerequisites
14.2.1 Verify rsync is installed on the wview server:
root@[wview_server]:# whereis rsync If that doesn't produce /usr/bin/rsync or similar, install rsync.
14.2.2 Verify rsync is installed on the remote host:
root@[wview_server]:# ssh -l [ssh_login_user] [remote_host] [enter password] [ssh_login_user]@[remote_host]:# whereis rsync If that doesn't produce /usr/bin/rsync or similar, install rsync. Logout: [ssh_login_user]@[remote_host]:# exit
14.3 ssh Shared Key Setup
14.3.1 Generate a public/private key pair for the root user on the wview
server (if it does not already exist) (execute as the root user): root@[wview_server]:# mkdir -p ~/.ssh root@[wview_server]:# ssh-keygen -t rsa Just hit enter for default values when asked questions. This will create two files, we are interested in the ~/.ssh/id_rsa.pub file.
14.3.2 Transfer id_rsa.pub to [remote_host]. Use ftp, scp, email, floppy
disk, whatever you want to get this file to the remote host.
14.3.3 Login to [remote_host] as [ssh_login_user] and append the contents of
id_rsa.pub into ~/.ssh/authorized_keys (if authorized_keys does not exist, just rename id_rsa.pub to authorized_keys). root@[wview_server]:# ssh -l [ssh_login_user] [remote_host] [enter password] [ssh_login_user]@[remote_host]:# mkdir -p ~/.ssh [ssh_login_user]@[remote_host]:# cd ~/.ssh [ssh_login_user]@[remote_host]:# cat id_rsa.pub >> authorized_keys Stay logged in - we need it for the next step.
14.3.4 As [ssh_login_user] on [remote_host], ssh into the wview server as root,
answer "yes" if this is the first time, then logout. This sets the wview server up in the remote server login account's "known_hosts" file. [ssh_login_user]@[remote_host]:# ssh -l root [wview_server] [enter password] root@[wview_server]:# exit Now, exit the original ssh session: [ssh_login_user]@[remote_host]:# exit
14.3.5 As root on the wview server, ssh into [remote_host] as [ssh_login_user],
answer "yes" if this is the first time, then logout. This sets the [remote_host] up in the wview server root account's "known_hosts" file. root@[wview_server]:# ssh -l [ssh_login_user] [remote_host] [no password should be required!] [ssh_login_user]@[remote_host]:# exit
14.3.6 Finally, we need to set up ssh for the root user so that when
[remote_host] is logged into, ssh uses [ssh_login_user] instead of root for the login on [remote_host]. This must be done for every [remote_host] entry in wviewssh.conf. This is what specifies which user account is used for the ssh login to each [remote_host]. Edit /root/.ssh/config and put the following at the top of the file (just create a new file if it does not exist): [text start] Host [remote_host] User [ssh_login_user] [text end] Save and exit that file.
14.3.7 Mandatory Tests - these must succeed before going any further:
As root on the wview server execute: root@[wview_server]:# ssh [remote_host] You should be logged in to [remote_host] as [ssh_login_user] without entering a password. Exit the remote host shell: [ssh_login_user]@[remote_host]:# exit You should now be able to remotely execute commands over ssh. Verify this by executing the date command from the wview server as root: root@[wview_server]:# ssh [remote_host] date This MUST execute without requiring a password. If it does not, go back to the beginning of shared key setup and double check your steps. DO NOT proceed if you cannot login/execute commands remotely as [ssh_login_user] without a password. This is critical! There is much online documentation concerning ssh setup, this is only a bare-bones treatment of the subject.
14.4 Confirming rsync Functionality
14.4.1 Place files in /var/wview/img (if it is not already your "IMAGE_PATH"
in htmlgen.conf): root@[wview_server]:# cp [some_test_files] /var/wview/img
14.4.2 Create/Verify the destination path on the remote server
(as [ssh_login_user]): root@[wview_server]:# ssh [remote_host] [you are now logged in as [ssh_login_user] without a password, right?] [ssh_login_user]@[remote_host]:# cd ~ [this is your ssh login directory - all wviewssh.conf destination paths are relative to this directory] [ssh_login_user]@[remote_host]:# mkdir -p [remote_test_dir] Note: [remote_test_dir] is a relative path from the [ssh_login_user] login directory - it CANNOT contain a leading "slash". Logout: [ssh_login_user]@[remote_host]:# exit
14.4.3 Test rsync over ssh from the wview server:
root@[wview_server]:# rsync -aqz --rsh=ssh /var/wview/img/ [remote_host]:[remote_test_dir] This should transfer the files you placed in /var/wview/img to the remote server in the [remote_test_dir] directory without a password being required. *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!***** wview ssh file transfer capability will NOT work until you can successfully execute this command from the wview server and verify the file transfers on the remote server. *****!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!*****
14.5 Configuring wview For Secure Transfers
14.5.1 Stop wview as you normally would:
[FreeBSD] /etc/rc.d/wview stop -OR- [SuSE] /etc/init.d/wview stop -OR- [RH/Fedora] /etc/rc.d/init.d/wview stop
14.5.2a If updating, copy the wviewssh.conf script to your server:
cp .../wview-x.y.z/examples/conf/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf
14.5.2b If a new install, rename the config file:
mv /etc/wview/wviewssh.conf-no-ssh /etc/wview/wviewssh.conf
14.5.3 Copy the new wview start script which will start the wviewsshd daemon:
[FreeBSD] cp .../wview-x.y.z/examples/FreeBSD/wview /etc/rc.d [SuSE] cp .../wview-x.y.z/examples/SuSE/wview /etc/init.d [RH/Fedora] cp .../wview-x.y.z/examples/Fedora/wview /etc/rc.d/init.d
14.5.4 Edit /etc/wview/wviewssh.conf, adding one or more transfer rules: [snip]
1 /var/wview/img [remote_host] [remote_test_dir] [snip]
The example file contains a full description of the columns. Each [remote_host] entry must have a corresponding "Host" entry in /root/.ssh/config which specifies the login account ([ssh_login_user]) to use for ssh. See section 14.3 above. Further, the procedures outlined in sections 14.2-14.4 MUST be followed for each unique [remote_host] [ssh_login_user] combination.
14.5.5 Start wview as you normally would:
[FreeBSD] /etc/rc.d/wview start -OR- [SuSE] /etc/init.d/wview start -OR- [RH/Fedora] /etc/rc.d/init.d/wview start