While I won't argue that it's the best solution that's essentially
what we do.
For backup purposes we create a file on Node1 using a root cron
job. It gets placed in ~backupuser and ownership of the file is set
to that user. Node2 connects via a cron job executing as it's own
backuser pulls the file across via scp with pub key authentication.
From there it's to tape. The backup user on both (all really) nodes
is locked. Unlike some others possibly we don't have shell users
other than two people who have the role of sysadmins (and access to
root privs anyway). chroot is one way to help improve any
potential/necessary shell access by the accounts.
Date: 2002-Oct-09
01:34pm NST
From: Johan De Meersman
[EMAIL PROTECTED]
Subject: Re: Is SSH worth it??
Not to be annoying, but I don't think it's ever a good idea to allow=20
root ssh to any machine :) Setup a low-permissions user, and use that,=20
or better yet, use something that allows a shell-less user for your data =
transfers. Perhaps there's a good reason, but one of the things I find=20
annoying in ssh, is that scp requires a valid shell for the destination=20
user - dunno if the same is true for sftp.- Re: Is SSH worth it?? Devdas Bhagat
- Re: Is SSH worth it?? hackerwacker
- Re: Is SSH worth it?? thrawn
- RE: Is SSH worth it?? Chris Reickenbacker
- Is SSH worth it?? Trevor Cushen
- Re: Is SSH worth it?? Devdas Bhagat
- Re: Is SSH worth it?? David Corking
- RE: Is SSH worth it?? Trevor Cushen
- Re: Is SSH worth it?? Johan De Meersman
- Re: Is SSH worth it?? Bennett Todd
- Re: Is SSH worth it?? Rick Magill
- Re: Is SSH worth it?? Noah Salzman
- Re: Is SSH worth it?? Devdas Bhagat
- RE: Is SSH worth it?? Louis Erickson
- RE: Is SSH worth it?? Godfrey, Tyler
- RE: Is SSH worth it?? Trevor Cushen
- Re: Is SSH worth it?? Jason Bowman
- Re: Is SSH worth it?? Chris Berry
- Re: Is SSH worth it?? Warren Raquel
- Re: Is SSH worth it?? David Corking
- Re: Is SSH worth it?? Johan De Meersman
