This one time, at band camp, Bernard Blackham said:
> This lets the backup key *only* run rsync in server mode. I
> /believe/ this means that (short of finding a buffer overflow in
> rsync) logins with this ssh key will only be able to read files, and
> not be able to change anything. Though if anybody can find any flaws
> in this scheme, I'd like to know :)

As is kind of obvious, if I can compromise that key, I can do

    rsync -e ssh --delete /some/empty/dir root@yourhost:/

or something, which isn't very nice :)

Admittedly though, if you use rsync for backups, you have to take this
kind of chance, I think - I'm not sure how else to proceed. I do like the
idea of your script - it takes things one step further than I have.

TTYL,
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        sgran@debian.org |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
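The push described in the reply works because a push and a pull both start rsync in server mode on the host; only a pull carries `--sender`. As an added example (not code from either poster; the wrapper path, `BACKUP_ROOT` and the key line are assumptions), a forced-command wrapper that admits only the pull form and refuses everything else:

```shell
#!/bin/sh
# Forced-command wrapper for the backup key. Hypothetical install path and
# key line (key material is a placeholder):
#   command="/usr/local/bin/rsync-ro",no-pty,no-port-forwarding ssh-ed25519 AAAA... backup
# BACKUP_ROOT is an assumed directory; only paths beneath it may be read.
BACKUP_ROOT=${BACKUP_ROOT:-/srv/backup}
set -f   # never glob-expand client-supplied words

# Succeeds only for a pull: "rsync --server --sender <short flags> . <paths>".
is_readonly_rsync() {
    # Character whitelist: anything left after deleting allowed bytes is refused.
    left=$(printf '%s' "$1" | LC_ALL=C tr -d 'A-Za-z0-9 ._/=,+:@-' | wc -c)
    [ "$left" -eq 0 ] || return 1
    set -- $1   # plain word split; no shell ever evaluates the string
    [ "$1" = rsync ] && [ "$2" = --server ] && [ "$3" = --sender ] || return 1
    shift 3
    seen_dot=no paths=0
    for word in "$@"; do
        if [ "$seen_dot" = no ]; then
            case $word in
                .)   seen_dot=yes ;;
                --*) return 1 ;;   # e.g. --remove-source-files, --log-file=
                -*)  ;;            # short flag bundle such as -logDtpre.iLsfxC
                *)   return 1 ;;
            esac
        else
            case $word in
                *..*) return 1 ;;   # no climbing out of BACKUP_ROOT
                "$BACKUP_ROOT"|"$BACKUP_ROOT"/*) paths=$((paths + 1)) ;;
                *) return 1 ;;
            esac
        fi
    done
    [ "$paths" -gt 0 ]
}

# Runs only when sshd invoked us with a client command.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if is_readonly_rsync "$SSH_ORIGINAL_COMMAND"; then
        exec $SSH_ORIGINAL_COMMAND
    fi
    echo "refused: $SSH_ORIGINAL_COMMAND" >&2
    exit 1
fi
```

The check is deliberately conservative: paths containing spaces and any long option other than `--server --sender` are refused, so extend the accepted set only for options known not to write on the server.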