On Wed, Jan 02, 2002 at 09:19:11AM -0500, [EMAIL PROTECTED] wrote:
> Automation with keys stored on machines is better than doing it manually
> and forgetting to back up.  :-)

Agreed.  Like exercise, the kind you do is better than the kind you
don't.

> It **does** provide a path by which someone can gain access from one
> machine to another.  Even accounts with minimal privs can be
> compromised.

A universal fact, hopefully known to all list members.

> The [modules] in rsyncd.conf provide a nice way to package what you want to
> back up.  You can also specify what ip addresses connect to rsyncd.  So in
> theory only the backup machine can connect to the rsyncd daemons; we've set 
> those to read-only.

Ack!  If you're doing file level rsync backups to rsyncd, rsyncd *must* be
running as root (DON'T DO THAT), else your perms will be useless.  rsyncd
just isn't something that should run with root perms... therefore it's
rather useless for file level rsync backups.

If you tar up the source, and send those to your rsyncd that's less of a
security risk from rsyncd itself, HOWEVER your root only file data is now
in a userland tar file, so your data is now less secure on the backup
server than it was on the source machine.  Very bad backup design.

> It **seems** that even though we are pulling the data off with rsync -e
> ssh there is no need for a key on the server machine.  Maybe I was
> working on it too late last night; at any rate, tcpdump will tell.  Can
> it build an ssh tunnel without keys at both ends?  YMMV.

No need to guess.  If you're using one :, you're using rsh by default unless
modified by -e or RSYNC_RSH.  If you're using two ::, you're using rsyncd.

> The idea is that if someone got root on the client machines, the only
> additional path they would have to backups is an interface on the
> private LAN.  Not foolproof, but lower hanging fruit elsewhere would be
> easier picking.

Maybe, maybe not.  If they can get all the goodies off your backup server,
without having to break all the security of the source machines, you're
still just as compromised.

-- 
Ted Deppner
http://www.psyber.com/~ted/
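
Added example, not part of the original message: a POSIX shell helper that applies the one-colon / two-colon rule above to an rsync argument list, so the transport in use can be read off the command line instead of a packet capture. The function names, the sample host names and the DEFAULT_RSH variable are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: report which transport each rsync SRC/DEST argument selects.
DEFAULT_RSH=rsh   # rsync's default remote shell is fixed at build time; rsh per the message

# rsync_transport SPEC [E_VALUE]
# Prints: local | rsyncd | remote-shell:<program>
rsync_transport() {
    case $1 in rsync://*) echo rsyncd; return 0 ;; esac
    head=${1%%/*}                  # a colon after the first "/" belongs to a path
    case $head in *\[*\]*) head=${head#*\]} ;; esac   # drop a bracketed IPv6 host
    case $head in
        *::*) echo rsyncd ;;       # host::module talks to the rsync daemon
        *:*)  echo "remote-shell:${2:-${RSYNC_RSH:-$DEFAULT_RSH}}" ;;
        *)    echo local ;;
    esac
}

# audit_rsync ARGS...
# ARGS are the words that follow "rsync" on a command line. Prints one
# "operand<TAB>transport" line per SRC/DEST operand.
# Assumption: -e VALUE, --rsh VALUE and --rsh=VALUE are the only options
# with a separate value that this sketch understands.
audit_rsync() {
    e_val=
    prev=
    for a in "$@"; do              # pass 1: find the remote shell override
        case $prev in -e|-[!-]*e|--rsh) e_val=$a ;; esac
        case $a in --rsh=*) e_val=${a#--rsh=} ;; esac
        prev=$a
    done
    prev=
    for a in "$@"; do              # pass 2: classify every operand
        case $prev in -e|-[!-]*e|--rsh) prev=$a; continue ;; esac
        prev=$a
        case $a in -*) continue ;; esac
        printf '%s\t%s\n' "$a" "$(rsync_transport "$a" "$e_val")"
    done
}
```

For instance, `audit_rsync -a -e ssh root@client:/etc /backup/etc` reports the first operand as `remote-shell:ssh` and the second as `local`.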

