[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Secure rsync setup

On Sun, 17 Dec 2006 17:20:33 +0100 Thorsten Schmidt wrote:

> However, this requires alpha having a ssh-key. Furthermore I'm not in
> charge with alpha's security, thus I've to make sure, that a
> attacker, who gained access to alpha's ssh-key is not able to
> compromis beta (well, he might be able to delete / modify the
> backup'ed data, but this might be circumvented by regularly tar the
> backed up data). Thus my question is: How should I configure / secure
> beta to prevent this?

On my beta, I have a ssh-key in authorized_keys with the following
--server -vulogDtprz --delete . /path/to/backup"

So my rsync cron can only execute rsync on the other side
(rsync-server does not need to be running).
Don't ask where I do have the whole command line from, think I started
with an "open" ssh-key and ran rsync in very-verbose or so. 

   ^^^    | Evgeni -SargentD- Golov (sargentd@die-welt.net)
 d(O_o)b  | PGP-Key-ID: 0xAC15B50C
  >-|-<   | WWW: http://www.die-welt.net   ICQ: 54116744
   / \    | IRC: #sod @ irc.german-freakz.net

Reply to: