Date: Wed, 28 Nov 2001 08:04:41 -0600 From: Eric Anderson <anderson@centtech.com> To: Rasputin <rasputin@submonkey.net> Cc: "Stephen T. Shipley" <steve@e-shipley.com>, security@freebsd.org Subject: Re: crypted remote backup Message-ID: <3C04EEF9.D10C1B41@centtech.com> References: <E168Qts-000Bj5-00@rip.psg.com> <200111270147.fAR1lDk16602@e-shipley.com> <20011128101048.A25860@shikima.mine.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
What I have been doing is croning a script (as root) that
tarballs the right stuff, and then scp the file as another
user ("backup" in my case) to another box. This way I'm not
logging in as root to copy a file over the net, and I don't
have to have sshd set up to allow root logins at all. If
you wanted to use rsync, there are a few ways to do it, but
scp does a good job at recursively scp'ing files, although
it will do ALL files every time. You can also look into
unison, it may have some better options for you.
Eric
Rasputin wrote:
>
> * Stephen T. Shipley <steve@e-shipley.com> [011127 03:57]:
> > Configure rsync.conf on source server (with 40g file) and run as a daemon. Provide a net name like "www" for alias to path.
> > And possibly run from one of the /etc/periodic/daily scripts like this (on destination box).
> >
> > /usr/local/bin/rsync -e /usr/bin/ssh -avz <source address>::www \
>
> I think (though could be wrong) that the double colon here ^^
> will cause rsync to use rsh as a transport, despite the fact that
> you specified ssh as an *available* transport with '-e ssh' earlier.
>
> And while we're on the subject, what's the safest way of doing this as root
> (to preserve permissions, and have access to a whole fs tree;
> I'm not too bothered about crypto at the destination directory)
>
> Cheers.
>
> > /usr/local/www/data/home_something_destination && rc=0||rc=3
>
> --
> Love and scandal are the best sweeteners of tea.
> Rasputin :: Jack of All Trades - Master of Nuns ::
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
--
-------------------------------------------------------------
Eric Anderson anderson@centtech.com Centaur Technology
An unbreakable toy is useful for breaking other toys.
-------------------------------------------------------------
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C04EEF9.D10C1B41>