Date: Sat, 7 Jun 2008 14:23:22 +0100 From: bsd <bsd@todoo.biz> To: z.szalbot@lc-words.com Cc: Liste FreeBSD <freebsd-questions@freebsd.org> Subject: Re: dump and remote file fetching Message-ID: <635632E3-80FD-4914-B5B4-72B951E95815@todoo.biz> In-Reply-To: <483D0181.5010605@lc-words.com> References: <483C8060.2070003@lc-words.com> <483C87F0.9030803@mikestammer.com> <483D0181.5010605@lc-words.com>
next in thread | previous in thread | raw e-mail | index | archive | help
What I do : Allow ssh access only using key "PubkeyAuthentication yes" Allow root access Create a root ssh Pubkey Automate the access using any script based on ssh=85 If you want to be more restrictive, you can deploy a firewall localy =20 on your server and limit ssh access to one or more selected IPs. Bye // Le 28 mai 08 =E0 07:53, Zbigniew Szalbot a =E9crit : > Hi there, > >>> Need a word of advice. I use dump to backup my data. All fine. =20 >>> Dump saves compressed *.bz2 files. Nice. All I need now is a way =20 >>> to copy them from the server to a remote backup machine. The =20 >>> problem I am facing is that bz2 files are owned by root:wheel. So =20= >>> if I use scp user@domain.tld:/path/to/*.bz2, it does not have =20 >>> sufficient permissions to fetch the files. I can use sudo, but =20 >>> then I need to interactively type the password, which I would like =20= >>> to avoid. >>> Can you suggest simple ways of getting around this? I don't mind =20 >>> using special tools for the job, especially if they are not too =20 >>> complicated... :) >>> Before firing this email off I took a look at rsync and it seems =20 >>> easy enough to do just what I need but still many thanks for =20 >>> suggestions! >> I have been very happy with rsnapshot. Take that for a spin and =20 >> see how it works for you > > I have taken a look at rsnapshot but it seems I am left to deal with =20= > the same problem: > > =46rom their page: > In addition to full paths on the local filesystem, you can also =20 > backup remote systems using rsync over ssh. If you have ssh =20 > installed and enabled (via the cmd_ssh parameter), you can specify a =20= > path like: > > backup root@example.com:/etc/ example.com/ > > This behaves fundamentally the same way, but you must take a few =20 > extra things into account. > > a/ The ssh daemon must be running on example.com > b/ You must have access to the account you specify the remote =20 > machine, in this case the root user on example.com. > > I do not allow remote root login so what are my options in that =20 > case? How do you deal with such a scenario? Many thanks! > > --=20 > Zbigniew Szalbot > www.lc-words.com > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org=20 > " =AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF= =AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF Gregober ---> PGP ID --> 0x1BA3C2FD bsd @at@ todoo.biz =AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF= =AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF=AF P "Please consider your environmental responsibility before printing =20 this e-mail"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?635632E3-80FD-4914-B5B4-72B951E95815>