From owner-freebsd-questions Sat Jul 13 00:39:39 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA17641 for questions-outgoing; Sat, 13 Jul 1996 00:39:39 -0700 (PDT) Received: from hustle.rahul.net (hustle.rahul.net [192.160.13.2]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id AAA17629 for ; Sat, 13 Jul 1996 00:39:36 -0700 (PDT) Received: by hustle.rahul.net with UUCP id AA15122 (5.67b8/IDA-1.5 for freebsd-questions@freebsd.org); Sat, 13 Jul 1996 00:39:19 -0700 Received: (from jim@localhost) by starshine (8.6.11/8.6.9) id AAA00517; Sat, 13 Jul 1996 00:04:40 -0700 From: Jim Dennis Message-Id: <199607130704.AAA00517@starshine> Subject: Re: looking for remote dump suggestion To: bill@twwells.com (T. William Wells) Date: Sat, 13 Jul 1996 00:04:40 -0700 (PDT) Cc: freebsd-questions@freebsd.org In-Reply-To: <4s6tlq$6dq@twwells.com> from "T. William Wells" at Jul 12, 96 09:20:58 pm X-Mailer: ELM [version 2.4 PL24] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > I have two machines, ux1 and admin. Ux1 is a general machine and > not considered especially secure. Admin is used only internally > and we try to keep it relatively secure. Admin has a tape drive on > it. Ux1 does not and will not; we want all that stuff on other > machines than ux1. > > To back up ux1, I have to run dump on it, which does a remote > login on admin, requiring a .rhosts on admin for ux1. If ux1 is > root compromised, so also is admin, which kinda defeats the > purpose.... > I have two suggestions for you: Trust should flow the *other* direction (rather than allowing ux1 to initiate processes on admin, allow admin to initiate processes on ux1 -- and use a command like: you@admin$ rsh -l root ux1 'dump ...' | dd ... of=/dev/rmt0 (note this is rough since I always have to look up the parameters to dump and I don't know your blocksizes, tape's device name, etc, would be). The idea is to get 'dump' on ux1 to direct its output to stdout -- which will get piped into 'dd.' My other suggestion is tcp_wrappers. You should configure admin so that it won't allow logins from ux1 at all. (I also hope that you have an anti-spoofing screen on your router).