Jacob Yocom-Piatt wrote: > i have a script that runs on a single backup host and gathers dumps from other > machines on the network by ssh-ing into them as root using pubkey > authentication. allowing root access via ssh is, of course, not a good idea. > is > there an established method for keeping privileges lower when doing dumps, > i.e. > add a user who can dump and not using root to do this?
It's reasonably standard to use an operator group for doing dumps, giving the group no special privilege beyond read access to the raw disk devices. -- Matthew Weigel
