On Thu, 27 Aug 2009 16:30:55 +1200, Nathan Ward wrote:
> --rsync-path="sudo rsync"

Another way to achieve something similar would be to have PermitRoot set to without-password, and then set up a key pair for remote login. In authorized_keys2, the remote access for this key pair can be limited to the rsync command.

When considering these, be sure to look at your security goals and how they're impacted. In the sudo case, you're giving a user account the ability to run rsync as root. That is, effectively, read-write access to everything. In the without-password case, you're giving similar access to anyone that has access to the private key (though you can limit this to a given IP address in authorized_keys2). It goes further than this (i.e. the sudo case is also giving that read-write access to the remote user running the backup command). I'd want to give this some careful thought before choosing.

There's also the possibility of combining the two ideas. The remote user logs into a local non-root user. This is done using a key pair, and the local user has no password (so no password attacks on the local user account). The key pair, via authorized_keys2, has access only to the "sudo rsync" command.

- Andrew
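
An added example, not part of the original post: one way to limit a key pair to rsync is a forced-command wrapper named in the key's authorized_keys entry. The script path, client address and key shown in the comments are placeholders, and `rsync_only_check` is a hypothetical helper name.

```sh
#!/bin/sh
# Added example (constructed): forced-command wrapper for an rsync-only key.
# Hypothetical authorized_keys entry for the non-root backup user
# (address, script path and key are placeholders):
#   from="192.0.2.10",command="/usr/local/bin/rsync-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-ed25519 AAAA...placeholder backup@client

# Return 0 only if the requested command is an rsync server invocation,
# as sent by an rsync client with or without --rsync-path="sudo rsync".
rsync_only_check() {
    cmd=$1
    # Defence in depth: refuse shell metacharacters even though the
    # command is never handed to a shell for evaluation below.
    case $cmd in
        *";"*|*"&"*|*"|"*|*'`'*|*'$'*|*"<"*|*">"*|*"("*|*")"*) return 1 ;;
    esac
    # Refuse embedded newlines.
    case $cmd in
        *'
'*) return 1 ;;
    esac
    # Accept only the two server-mode prefixes.
    case $cmd in
        "rsync --server "*|"sudo rsync --server "*) return 0 ;;
    esac
    return 1
}

# With a forced command, sshd passes what the client asked to run in
# SSH_ORIGINAL_COMMAND. Nothing happens when the variable is unset.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if rsync_only_check "$SSH_ORIGINAL_COMMAND"; then
        set -f                          # no glob expansion
        set -- $SSH_ORIGINAL_COMMAND    # plain word split, no eval
        exec "$@"                       # paths containing spaces are not supported
    fi
    echo "rejected: only rsync server mode is allowed for this key" >&2
    exit 1
fi
```

The wrapper narrows what the key can run, not what rsync can reach: rsync under sudo still has read-write access to everything, so sudoers should permit the local user only the rsync binary.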