Alex Mestiashvili <[email protected]> wrote: > I would simply use a passwordless ssh-key with a wrapper on the remote > side which allows to run only the backup command .
I'd agree with this, but use passwordless public/private keys with a restricted target command. See man sshd and the AUTHORIZED_KEYS FILE FORMAT section for some details. An example would be something like this in the target machine's .ssh/authorized_keys file: command="backup-service",no-pty,no-port-forwarding ssh-rsa BLAHBLAHBLAH... The "backup-service" script can look at the SSH_ORIGINAL_COMMAND variable to sanity-check it before execution. So, if your client-side backup script really wants to use rsync, it can do so (and SSH_ORIGINAL_COMMAND would contain the entire command line ready for the server to execute once it was happy it was "safe" to do so). Chris -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
