rdiff-backup-users
Re: [rdiff-backup-users] Post-setup questions


From: Grant
Subject: Re: [rdiff-backup-users] Post-setup questions
Date: Mon, 15 Aug 2011 21:31:38 -0700

>> That sounds like a great idea.  I'll set up openvpn and switch from
>> pushing to pulling.  BTW, is the read-only restriction on the public
>> SSH keys the only advantage of pulling vs. pushing?  Are there any
>> drawbacks?  In a pull arrangement, if the private keys on the backup
>> server are stolen, the thief would have root read-access on each
>> system?
>
> If someone steals the private keys on the backup server, they already have
> access to all your files. Although I admit there is a subtle difference
> between 'all your base are belong to us' and actually using those keys to
> plant malware on your laptop, but you will be screwed either way.
> That's the reason why I keep my backup server unreachable from the outside
> world.. not running any services on public IP address.

I don't quite follow.  You're saying it doesn't matter that the thief
has root read access on each backed-up system via the SSH keys because
he would already be able to read all of the important files from each
of those systems via the backups on the compromised backup server?

I realized today that since the backup server needs root access on
each of the machines, I won't be able to disallow root logins.  Is
that correct?  If so, isn't that a major drawback to pulling?

>> Would it be safe to reserve zero space for root on the USB hard drive?
>> Maybe that reserved space is only necessary on a disk containing an
>> OS?
>
> 0% would be 'safe', if rdiff-backup would be the only process writing to the
> USB drive. Reserved space is primarily meant for OS disks such that root
> still has the ability to login and move stuff around when non-root
> users/processes made a mess and filled the entire disk.
>
> However, it is still good to reserve some 2 or 3 % of your 1TB drive. Or
> even go with the default which is usually 5%. If you are running out of
> space and need to regress a failed backup due to "no disk space", you can
> use tune2fs or other filesystem's relatives to create some more room to do a
> proper cleanup.

Is it necessary to reserve 20GB on a 1TB disk?  If the OS is not on
the USB backup drive, is there any scenario under which I would need
space reserved for root on that disk?  I would think free space on the
OS disk would be all that's necessary if the USB drive fills up.

>> Would you use rsync or would you have the remote system described
>> above act as a second rdiff-backup server and run the entire backup
>> process a second time?
>
> Using rdiff-backup to copy an rdiff-backup repository wouldn't be a good
> idea. Using rdiff-backup against the original system (your laptop, etc)
> might also not be what you want. So, I think using rsync to keep a copy of
> the rdiff-backup tree would be the best way to go.

I tried to set this up today but I ran into a problem.  My backup
server backs up its own files to the USB drive.  If that operation is
conducted as a normal user, it can't read all of the necessary files.
If that operation is conducted as root, the backed-up files are
written as root and the remote system can't read them via rsync unless
I allow root logins.

I also had a hard time restricting the SSH key on the backup server to
the rsync command and read-only.  Can that be done?

- Grant
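
Added example, not part of Grant's message or of the rdiff-backup project: a small Python audit of `authorized_keys` entries for the restrictions discussed in this thread, namely a forced command limited to read-only access (rdiff-backup's `--restrict-read-only` server option, or `rrsync -ro`, the helper script distributed with rsync) with forwarding and pty disabled. The sample entries, key material and paths are constructed placeholders.

```python
import re

# Key fields begin with one of these prefixes when no options precede them.
KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")
NO_EXTRAS = {"no-port-forwarding", "no-agent-forwarding", "no-x11-forwarding", "no-pty"}

def parse_options(line):
    """Return the options of one authorized_keys line as {name: value}."""
    if line.startswith(KEY_PREFIXES):
        return {}
    opts, buf, in_quote, i = {}, "", False, 0
    while i <= len(line):
        ch = line[i:i + 1]
        if in_quote and ch == "\\" and line[i + 1:i + 2] == '"':
            buf, i = buf + '"', i + 1            # escaped quote inside a value
        elif ch == '"':
            in_quote = not in_quote
        elif not in_quote and (ch == "," or ch == "" or ch.isspace()):
            name, _, value = buf.partition("=")
            opts[name.lower()] = value           # option names are case-insensitive
            buf = ""
            if ch != ",":
                break                            # unquoted blank ends the options
        else:
            buf += ch
        i += 1
    return opts

def audit(line):
    """Return findings for one key line; an empty list means it is restricted."""
    opts = parse_options(line.strip())
    cmd = opts.get("command", "")
    findings = []
    if not cmd:
        findings.append("no forced command: key grants a full shell")
    elif "--restrict-read-only" not in cmd and not re.search(r"\brrsync\s+-ro\b", cmd):
        findings.append("forced command is not read-only")
    if "restrict" not in opts and not NO_EXTRAS.issubset(opts):
        findings.append("forwarding and pty not disabled")
    return findings

# Constructed sample entries; key material and paths are placeholders.
SAMPLE = [
    'ssh-rsa AAAA_CONSTRUCTED root@backup',
    'command="rdiff-backup --server --restrict-read-only /",no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty ssh-rsa AAAA_CONSTRUCTED root@backup',
    'command="rrsync -ro /mnt/usb/rdiff",restrict ssh-ed25519 AAAA_CONSTRUCTED mirror@offsite',
    'command="rdiff-backup --server",no-pty ssh-rsa AAAA_CONSTRUCTED root@backup',
]
```

When every root key carries a forced command like the second entry, sshd's `PermitRootLogin forced-commands-only` setting accepts those keys while refusing interactive root logins.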


