On Sat, Aug 07, 2021 at 11:44:34AM +0100, Chris Green via rsync <rsync@lists.samba.org> wrote:
> L A Walsh via rsync <rsync@lists.samba.org> wrote: > > On 2021/08/03 07:09, Chris Green via rsync wrote: > > > I already have an rsync daemon server running elsewhere, I can add > > > this requirement to that I think. Thank you. > > > > > ---- > > > > It seems to me, a safer bet would be to generate an ssh-cert > > that allows a passwdless login from your sys to the remote. > > > The trouble with that is that it leaves a big security hole. > > If (for example) I leave my laptop turned on somewhere, or someone > wanders into my study where my desktop machine is they have instant, > passwordless access to the remote backup machine. > I try very hard to make my backups secure from attack so that if my > desktop or laptop is compromised somehow the (remote) backups are > still secure. You can use my sshdo program (https://github.com/raforg/sshdo) to solve this problem. It limits the commands that a key is allowed to execute to just those commands that it has been trained on and nothing else. It makes it OK to have an unencrypted ssh key used for automated or scripted actions such as backups. The key can only be used to execute the exact commands that you need it to. It works by allowing everything during a brief learning period, and then you tell it to add the commands that have been encountered to its policy and disallow anything else. You can also periodically unlearn or relearn as needed. It does all the heavy lifting. You just have to examine what it's seeing, and decide if it should be added to the policy. > The backup system that runs the rsync daemon has its rsync configured > with 'refuse options = delete' so not only does someone with access to > my desktop/laptop need to know the rsyncd username and password but > they also cannot delete my existing backups. It runs incremental > backups so nothing is ever overwritten either. > > -- > Chris Green cheers, raf -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
