[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Biggest nightmare
From: |
Edgar Soldin |
Subject: |
Re: [Duplicity-talk] Biggest nightmare |
Date: |
Sun, 31 May 2009 12:01:12 +0200 |
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20090302 Thunderbird/2.0.0.21 Mnenhy/0.7.5.0 |
could you clear that up for me? ..ede
> Edgar Soldin a écrit :
>
>> A backup repository pulling the backups from the duplicity host seems
>> easier to setup to me.
>> Why would you want a pure sftp backend?
>>
>
> So that you only need to write a resticted SFTP server, without having
> to write a restricted SCP server.
>
>
>> ... ede
>>
>>> I would like to add another idea and know what you're thinking about it.
>>> Everything duplicity needs for „normal” backup operations is to list
>>> files, read files and create new (non-existing) files. So I thought
>>> about creating a restricted SFTP server, which would allow exactly these
>>> three operations. Then an evil attacker could not compromise backups.
>>>
>>> A user who has an SSH account on a backup host, would use two keys:
>>> a) not-password-protected, restricted to SFTP
>>> b) password-protected, restricted to backup maintainance, which he
>>> should actually *never* use
>>>
>>> Unfortunately, I could not find any Restricted SFTP server, but writing
>>> a paramiko-based one should not be too difficult. Also, duplicity does
>>> not currently have a „pure” SFTP backend, but again, this should be
>>> piece of cake.
>>>
>>> So, what do you think?
>>>
>>>
>>>
>>> _______________________________________________
>>> Duplicity-talk mailing list
>>> address@hidden
>>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>>
>>>
>>
>> _______________________________________________
>> Duplicity-talk mailing list
>> address@hidden
>> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>>
>
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk
>
- [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/30
- Re: [Duplicity-talk] Biggest nightmare, Kenneth Loafman, 2009/05/30
- Re: [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Edgar Soldin, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare,
Edgar Soldin <=
- Re: [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Edgar Soldin, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Sieker Adi Jörg, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Sieker Adi Jörg, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, rsync.net, 2009/05/31
- Re: [Duplicity-talk] Biggest nightmare, Cristian KLEIN, 2009/05/31
Re: [Duplicity-talk] Biggest nightmare, Edgar Soldin, 2009/05/30
Re: [Duplicity-talk] Biggest nightmare, Robin Smidsrød, 2009/05/30