epike on Thu, 21 Nov 2002 10:40:14 -0500


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] rsync + ssh question


> Where you'll also find you can set up an rsync server. You can still
> use ssh. (Use port forwarding as a non-privileged user and have the
> rsync server only listen to connections from localhost.) This might
> solve the problem, since you can connect as an unprivileged user, but
> the rsync server can be running as root.

i'll have to read up on setting up rsync server but I see how 
that could work..thanks.

> 
> (Is the issue that files are owned by different users? How many users
> are there? Could you just have an rsync process by each user? That
> doesn't scale, but if the number of users won't grow much, it might be
> easier.)

many users (lets say 50), and i'm thinking of a way to backup the
server remotely and securely, by installing maybe 2 or 3 low-cost 
pentium machines with large ide disks to a couple of us guys who have 
cable/dsl connection.

> If you can use diskettes at boot, I should think you could also use
> keys with pass phrases. I don't follow what you want to do with the
> diskettes, though.

I'm thinking that the diskette will hold the private key,
and when the computer boots it'll read the private key
into memory--if the system is broken into during normal
hours, then the private key file is no longer in the server
itself (its in the diskette), although its possible 
to grab the keys from the running memory (but that
should be difficult to crack).  

This means i have to write
some scripts to load the keys during bootup using 
ssh-agent though (I'm not a great shell script writer but
that should be no problem).

e pike

_________________________________________________________________________
Philadelphia Linux Users Group        --       http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion  --   http://lists.netisland.net/mailman/listinfo/plug