[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh and root logins

This one time, at band camp, Bernard Blackham said:
> This lets the backup key *only* run rsync in server mode. I
> /believe/ this means that (short of finding a buffer overflow in
> rsync) logins with this ssh key will only be able to read files, and
> not be able to change anything. Though if anybody can find any flaws
> in this scheme, I'd like to know :)

As is kind of obvious, if I can compromise that key, I can do
rsync -e ssh --delete /some/empty/dir root@yourhost:/
or something, which isn't very nice :)

Admittedly though, if you use rsync for backups, you have to take this
kind of chance, I think - I'm not sure how else to proceed.  I do like
the idea of your script - it takes things one step further than I have.

|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |

Attachment: pgpQ4DGOrpLBI.pgp
Description: PGP signature

Reply to: