restrict a root login via ssh to read-only fs access?

To: debian-isp@lists.debian.org
Subject: restrict a root login via ssh to read-only fs access?
From: Henrik Heil <hhml@zweipol.net>
Date: Sat, 21 Jan 2006 14:44:16 +0100
Message-id: <[🔎] 43D23AB0.6060303@zweipol.net>

Hello list,

I want to setup a backup-system for some servers that can also backupfiles that only root (uid 0) can read.

At the moment I use rdiff-backup over ssh with a second root user(root2) with uid 0


etc/passwd:
root2:x:0:0::/home/root2:/bin/bash

and a restrictive ssh-configuration to limit what this user can do

/home/root2/.ssh/authorized_keys:

command="/usr/bin/nice -n 15 /usr/bin/rdiff-backup --server--restrict-read-only /",no-pty,no-X11-forwarding,no-agent-forwarding,no-port-forwarding [keywithout passphrase]


The ssh-login ist key-only an will be retricted to a fixed IP.

On the backup machine I have a cronjob that logs in as root2 and runsthe rdiff-backup command:


/usr/bin/rdiff-backup \
--exclude /dev --exclude /proc \

--remote-schema 'ssh -C %s /usr/bin/nice -n 15 /usr/bin/rdiff-backup--server --restrict-read-only /' \

--print-statistics \
root2@[server]::/ \
/var/rdiff-backups

The backup machine is hardened but I would prefer to further limit thedamage if the private key of root2 is compromised and/or there is anexploitable bug in rdiff-backup so I am looking for some way to globallydrop write permissions with a command that ist executed when root2 logsin via ssh. Any ideas?


Thanks in advance,
Henrik

--
Henrik Heil, zweipol Coy & Heil GbR
http://www.zweipol.net/

Reply to:

Follow-Ups:
- Re: restrict a root login via ssh to read-only fs access?
  - From: Claus Herwig <lists@checon.de>

Prev by Date: Re: spf record
Next by Date: Re: spf record
Previous by thread: Re: graphite
Next by thread: Re: restrict a root login via ssh to read-only fs access?
Index(es):
- Date
- Thread