[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] Post-setup questions

From: Nicolas Jungers
Subject: Re: [rdiff-backup-users] Post-setup questions
Date: Fri, 19 Aug 2011 08:45:31 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20110812 Thunderbird/6.0

On 2011-08-18 22:25, Maarten Bezemer wrote:

On Mon, 15 Aug 2011, Grant wrote:


I realized today that since the backup server needs root access on
each of the machines, I won't be able to disallow root logins. Is
that correct? If so, isn't that a major drawback to pulling?

You can disallow root logins using password authentication, and set
PermitRootLogin without-password in /etc/ssh/sshd_config. That would
be secure against any dictionary attack launched against the root

And, looking at the whole subject from a different angle: pushing
also has the large drawback that in case your laptop is
stolen/lost/whatever, and you use an ssh key for rdiff-backup to
connect to your backup server, you risk not only losing your 'real'
systems, but the backup server can also be compromised it an attacker
starts using that key.

Both types of private key abuse could possible be mitigated by using
 passphrase-protected private keys. Then you're back at the 'default'
 risk of keyloggers intercepting these passphrases...

There is a third solution, designed specifically for that kind of
problem. You can put a command= option in front of your key in the authorized_keys file to restrict the usage of the key to a specific [set of] command. See AUTHORIZED_KEYS FILE FORMAT in "man sshd".


reply via email to

[Prev in Thread] Current Thread [Next in Thread]