Date: Wed, 6 Jun 2001 08:29:16 -0400 (EDT) From: Jim Weeks <jim@siteplus.net> To: Erich Zigler <erichz@superhero.org> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: rsync for mirroring Message-ID: <Pine.BSF.4.21.0106060758450.796-100000@veager.siteplus.net> In-Reply-To: <20010605235227.A500@superhero.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Erich, I found this article very helpful http://www.freebsddiary.org/rsync.php You should be able to run the daemon fairly securely as (uid root) and (gid wheel) as long as you follow the directions in the security section. You should also set (list=false) in order to protect the names of your modules. I should think that with the anonymity of your rsync user-name (which by the way does not have to coincide with any system user-name), hidden password and hidden module names combined with ssh encryption, you should be fairly secure. good luck, -- Jim Weeks On Tue, 5 Jun 2001, Erich Zigler wrote: > I'm currently trying to keep two servers as semi-updated mirrors of each > other. > > The plan is to have rsync keep the directories in sync via ssh. For security > reasons I have created two plain joe users whose only exceptional capability > is the ability to login to the other machine without being prompted for a > password using ssh. > > Now my issue is that using rsync -avz -e "ssh -l /path/to/identify" /path > user@domain:/path > > Does not work. Using this line it still prompts for a password. I would rather > not have to give joe user anymore access then he absolutley has to have. I > would prefer to be able to run rsync as root just using joe user's identify > files. > > Any idea on how to accomplish, this or an alternative would be greatly > appreciated. > > Thank you. > > -- > Erich Zigler > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0106060758450.796-100000>