I have a couple of questions (Q) and then a couple of comments (C) which might begin to point you in the right direction to resolve this situation yourself (I hope ):
Also note that the really interesting stuff may start at C7... (Until there it's mostly confirmation of understanding).
Q1) Please confirm that you can definitely login without password to each DiskStation i.e. you have copied each client's public RSA key from the client machine to the DiskStation you are trying to log into. The public key of the client machine would be originally stored where you told the client machine to store it (on the client PC ) - for me that is /etc/ssh on my Linux PC. You may have stored it elsewhere.
Q2) Please confirm you have then copied the client's RSA key to either of the following folders on the DiskStation:
a) FOR AN USER: If you are logging in as a non-root user to the DiskStation that the client's RSA key is stored in this folder:
- Code: Select all
b) FOR ROOT: If you are logging in as root that the client's RSA key is stored in this alternative folder:
- Code: Select all
C1) Both of those folders would be on the DiskStation you are trying to log into.
C2) If you have done that then you should be able to login to the DiskStation via SSH without a password. SSH is handling the authorisation for this setup.
C3) Now to use RSYNC from a client PC with this simple setup you must ensure it uses SSH to handle the authorisation and encryption.
C4) So when I run my RSYNC command from a Linux client I FORCE it to utilise SSH by using the option ssh in this command (see the ssh? Look! There! There's a 'ssh' in the options for command - See it? Just before "--progress" ):
- Code: Select all
rsync -vrtplze ssh --progress --stats --delete /home/Mike/Documents Mike@192.168.XXX.XX1:/volume1/homes/Mike/ExampleFolder
C5) Take note that the rsync command is issued on the CLIENT PC.
C6) The client PC contacts the SSHD server on the DiskStation, does a login and then does the rsyncing through ssh.
C7) From your post it seems to me that you are issuing the rsync command on the DiskStation - NOT a client PC - and seeking to contact a rsync server on your 'client' PC.
C8) If you were issuing a rsync command (over ssh) on the DiskStation you need to reverse ENTIRELY the authorisations i.e. the DiskStation's RSA public key would need to be transferred to the "client" PCs and a SSH server would have to be running on the "client" PCs.
C9) If however, you are expecting to communicate from your DiskStation to just a rsync server on another PC/DiskStation without going over ssh then you will not be able to utilise password-less login UNLESS you employ the --password-file option from the DiskStation. User details are held in rsyncd.secrets on the server but will require the pass-phrase to be communicated when your rsync command tries to log in taking the password from the local file on the DiskStation (Not ideal - I don't think - but it's your choice...).
C10) However, I assume you have a SSH daemon running on the device to which you wish to rsync. Consequently, it would appear to me that what is happening here is that the RSA key of the problematic DiskStation has not been transferred to the device to which you are seeking to rsync over ssh.
C11) I note you have "upgraded" the problematic DiskStation. It is possible - if the DiskStation was working previously - that your previous configuration files have been over-written during the "upgrade" (Don't start me off on that ) INCLUDING it's rsa public key .
C12) Consequently, I would transfer a new RSA public key from the inoperative DiskStation to the server you are trying to login to and try again.
C13) Briefly, you have mentioned PAM authorisation. This is unlikely to be a cause of your problem.
PAM is more concerned with number of logins or length of login rather than authorisation methodology and wouldn't affect outward traffic run as root.