[rdiff-backup-users] Post-setup questions

[Grant]

I've set up an rdiff-backup system for backing up files from 3
machines and I'm very happy with the way the program works.  I have a
few questions I'm hoping you guys can help me out with.

Security:

My laptop is one of the systems I want to back up and when I travel it
ends up behind a router I have no control over.  Because of this, my
systems push to the backup server instead of the backup server pulling
from them.  Because I'm pushing, I can't restrict the public SSH keys
on the backup server to read-only.  I think this means that if any of
my private keys are stolen, the thief will have full read/write access
to all files owned by the user "holding" the public SSH key, although
that access will be limited to the rdiff-backup binary.  I've prefixed
the public SSH keys on my backup server like this:

command="rdiff-backup
--server",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa ...
address@hidden
command="rdiff-backup
--server",from="12.34.56.78",no-port-forwarding,no-X11-forwarding,no-pty
ssh-rsa ... address@hidden

Since I don't want to provide root write access with SSH keys, another
drawback of the push configuration is that root ownership is not
preserved in the backups which I imagine will hinder restores.  Are
there any other issues to consider when using rdiff-backup in this
way?

Non-Security:

If I deleted a file from one of my systems 61 days ago and today I run
--remove-older-than 60D, will the original file be deleted from the
backup or only the increments?

I'm backing up to a 1TB USB hard drive dedicated to backups.  How low
should I set the super-user space reservation on that drive?

I'd like to store an additional copy of the backups on a remote
system.  Would it be best to rsync between the USB hard drive and the
remote system?

What happens if a file changes while rdiff-backup is reading it?

- Grant