Date: Mon, 10 Dec 2001 14:00:19 -0500 From: Will Andrews <will@csociety.org> To: Marc Rassbach <marc@milestonerdl.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Rsync, ssh and using root. Message-ID: <20011210140018.A23826@squall.waterspout.com> In-Reply-To: <Pine.BSF.4.21.0112101218390.1117-100000@tandem.milestonerdl.com> References: <Pine.BSF.4.21.0112101218390.1117-100000@tandem.milestonerdl.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 10, 2001 at 12:33:25PM -0600, Marc Rassbach wrote: > I know that using remote root login is considered bad behavior, but > my job in implementation, not judgement of security. This is what the > client wants...put a hole in the default FreeBSD security. > > The client in the old days had a 3.5 box (2 of them) and used a > combination of rsync, rsync in daemon mode, and ssh to allow root to move > data between both machines. > > What was done under 3.5 (remote keys, etc la) no longer work on 4.4. > On 4.X, it seems to fail after authencation, and I have spent 20+ hours > reading man pages, and the mail list and can't find a good work around. > (I have resisted looking at the source becuase I do not feel it is a bug, > nor do I wish to patch code to make this work) > > What I am looking for is a way to have root-level privilages for > reading/writing files between servers as the lo-tech solution they want > for the 'server backup' is moving files once a day. > > Guidance as to how to do this with rsync (break securty) or some other > method that does not break security is welcome. You did not mention what specifically happens with the machines running 4.x, so I can't suggest a solution. There have been some changes regarding how ssh works, particularly in protocols, since 3.x. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011210140018.A23826>