Your only real option at this stage is look at hardware key storage such a a yubikey. This means that key material can't be removed but you can still auth to the backed up systems via the hardware key. This limits the attack to being started from the system with the hardware module, this only moves the problem about in your example as physical access and password resets can be used to backdoor the backup server fairly quickly.
On 28/07/2016 16:59, lanceh1412-busin...@yahoo.co.uk wrote: > It is quite easy to reset your user password in ubuntu if you have > physical access to the machine. > See https://help.ubuntu.com/community/LostPassword. This is why I > wanted to encrypt the ssh keys. That way if someone resets the > password they can't access the keys. > > > On Thursday, 28 July 2016, 14:23, Bowie Bailey <bowie_bai...@buc.com> > wrote: > > > "if someone had physical access to backuppc server they could easily > logon as backuppc user by resetting the password" > > How would that work? Unless you leave the backuppc user logged in, > they would still need to either know the password or use some sort of > hack to get access before being able to reset the password (such as > rebooting with a live cd and accessing the OS partition directly). > > Always protect physical access to important computers. If someone has > physical access to your server, all bets are off. Also, if a user > account has passwordless ssh keys giving root access to any of your > systems, then you should make sure that the account has a strong > password (at the least), or that the ssh keys that give access do > require (strong) passwords. > > Bowie > > On 7/28/2016 9:01 AM, lanceh1412-busin...@yahoo.co.uk > <mailto:lanceh1412-busin...@yahoo.co.uk> wrote: >> I hadn't really thought about the danger from a restore. I guess that >> would require quite a bit of technical knowledge of backuppc to >> engineer an attack on a server? It would require significantly less >> knowledge to steal the ssh keys on an unencrypted server and then >> have root access. >> >> >> On Thursday, 28 July 2016, 13:11, Carl Wilhelm Soderstrom >> <chr...@real-time.com> <mailto:chr...@real-time.com> wrote: >> >> >> On 07/28 10:53 , lanceh1412-busin...@yahoo.co.uk >> <mailto:lanceh1412-busin...@yahoo.co.uk> wrote: >> >> > Just trying to harden security. My concern is if someone had >> physical access to backuppc server they could easily logon as >> backuppc user by resetting the password and therefore gain access to >> the ssh keys. Now I see it is possible to put the ssh keys in >> an encrypted private directory (See EncryptedPrivateDirectory - >> Community Help Wiki). This would mean that even if someone could >> reset the password and logon as backuppc they wouldn't have access to >> the keys. >> > Has anyone done this or would recommend this way or got any other >> suggestions? >> >> >> My logic for my setup is: >> if someone has access to the BackupPC server, they have all the data >> on all >> the computers being backed up. At that point, the risk is whether >> they could >> modify data on the live server. >> >> To avoid that risk, I don't allow the BackupPC server write access to the >> machines being backed up, only read access. The restores aren't >> really much >> more inconvenient (I tend to use tar+netcat for restores on Linux >> boxen, and >> zipfile downloads on Windows boxen), and I feel like I have more >> confidence >> that I'm not going to accidentally clobber the wrong data. >> >> -- >> Carl Soderstrom >> Systems Administrator >> Real-Time Enterprises >> www.real-time.com <http://www.real-time.com/> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> >> _______________________________________________ >> BackupPC-users mailing list >> BackupPC-users@lists.sourceforge.net >> <mailto:BackupPC-users@lists.sourceforge.net> >> List: https://lists.sourceforge.net/lists/listinfo/backuppc-users >> Wiki: http://backuppc.wiki.sourceforge.net >> <http://backuppc.wiki.sourceforge.net/> >> Project: http://backuppc.sourceforge.net/ > > > ------------------------------------------------------------------------------ > > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > <mailto:BackupPC-users@lists.sourceforge.net> > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > <http://backuppc.wiki.sourceforge.net/> > Project: http://backuppc.sourceforge.net/ > > > > > ------------------------------------------------------------------------------ > > > _______________________________________________ > BackupPC-users mailing list > BackupPC-users@lists.sourceforge.net > List: https://lists.sourceforge.net/lists/listinfo/backuppc-users > Wiki: http://backuppc.wiki.sourceforge.net > Project: http://backuppc.sourceforge.net/
------------------------------------------------------------------------------
_______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/
