Date: Sat, 13 Jul 1996 00:04:40 -0700 (PDT) From: Jim Dennis <jim@starshine.org> To: bill@twwells.com (T. William Wells) Cc: freebsd-questions@freebsd.org Subject: Re: looking for remote dump suggestion Message-ID: <199607130704.AAA00517@starshine> In-Reply-To: <4s6tlq$6dq@twwells.com> from "T. William Wells" at Jul 12, 96 09:20:58 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > I have two machines, ux1 and admin. Ux1 is a general machine and > not considered especially secure. Admin is used only internally > and we try to keep it relatively secure. Admin has a tape drive on > it. Ux1 does not and will not; we want all that stuff on other > machines than ux1. > > To back up ux1, I have to run dump on it, which does a remote > login on admin, requiring a .rhosts on admin for ux1. If ux1 is > root compromised, so also is admin, which kinda defeats the > purpose.... > I have two suggestions for you: Trust should flow the *other* direction (rather than allowing ux1 to initiate processes on admin, allow admin to initiate processes on ux1 -- and use a command like: you@admin$ rsh -l root ux1 'dump ...' | dd ... of=/dev/rmt0 (note this is rough since I always have to look up the parameters to dump and I don't know your blocksizes, tape's device name, etc, would be). The idea is to get 'dump' on ux1 to direct its output to stdout -- which will get piped into 'dd.' My other suggestion is tcp_wrappers. You should configure admin so that it won't allow logins from ux1 at all. (I also hope that you have an anti-spoofing screen on your router).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607130704.AAA00517>