danm@prime.gushi.org wrote:
> I'm trying to set up a secure way to back up a system as root, with rsync
> (assume we don't want to kill the bandwidth and want a "snapshot" system
> for developers in a way that makes dump, tar, etc impractical.
>
> We've got an ssh key relationship set up and we can force the command to
> be rsync --daemon.


I set up a similar system, except that I used an ssh agent rather than a
simple key relationship. I hope this diagram makes sense:

Server
\ \
\ \-> authorized_keys includes server_id_dsa.pub
\
\-> ssh-agent
\ \
\ \-> server_id_dsa attached
\
\--> ssh to client machine
/ \
/ \-> authorized_keys includes server_id_dsa.pub,
rsync to server <-/ which only runs rsync script


This way, the client machine can only rsync back data when the ssh agent
is present, because the server only allows in connections for its *own*
key, not any key that is stored on the client filesystem.

If you want to make this somewhat more secure, set it up in such a way
that the client machine cannot write to the rsync script-- in our case,
the client machines access the rsync script from a read-only nfs partition.

--Kyle
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html