Date: Fri, 16 Mar 2001 12:17:59 -0600 From: Dan Nelson <dnelson@emsphone.com> To: Nathaniel Schein - Hostmaster <nathaniel@lawinfo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Mirroring, Synchronizing and Backing-up Message-ID: <20010316121759.A29612@dan.emsphone.com> In-Reply-To: <DCELKDGENGJBOILCLOAIIEDACCAA.nathaniel@lawinfo.com>; from "Nathaniel Schein - Hostmaster" on Fri Mar 16 09:36:24 GMT 2001 References: <DCELKDGENGJBOILCLOAIIEDACCAA.nathaniel@lawinfo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Mar 16), Nathaniel Schein - Hostmaster said: > I have a production server that cannot go down and a server slated for > mirroring. Can someone suggest a good method to (on a daily basis) > synchronize the production server's file system on the mirror as well as the > /etc directory including permissions, file ownership and the password file. > This procedure/solution/method must also be secure (rsync over ssh might > require allowing root login which is unacceptable), and cheap (Veritas > Netbackup is not possible). Implementation of this must be done without > taking down the production server or putting it in any risk. Tar and scp > would be tricky because of little disk space. rsync+ssh should be quite secure. If you generate user keys (via ssh-keygen) and put the public key on the other machine's ~root/.ssh/authorized_keys file, you shouldn't need to enter a password. You can further tighten it down by adding a command= keyword to the auth_keys file that forces rsync to run whenever that key is used to log in (to keep people from trying to use it as a quick way to log into machine #2 from #1). man sshd, search for command= . -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010316121759.A29612>