BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] Almost working

2008-10-13 08:20:28
Subject: Re: [BackupPC-users] Almost working
From: Rob Owens <rob.owens AT biochemfluidics DOT com>
To: "General list for user discussion, questions and support" <backuppc-users AT lists.sourceforge DOT net>
Date: Mon, 13 Oct 2008 07:50:43 -0400 
Kenneth L. Owen wrote:
 > On this path, my next step is to set up ssh-keys for BackupPC.
> Remember, that I am a novice in Linux.  I have instructions for creating
> the keys but find a discrepancy between the instructions (written for
> Debian) and the Fedora setup.  When creating keys on the archive unit
> running BackupPC, the instructions say to be logged in as user backuppc.
>  Fedora 8 came with BackupPC installed and almost setup to run with
> directories, file permissions and a user (backuppc) in existence but set
> for no logon.  Do I instead work as root?  -- ken
> 

Here's some background on how ssh keys work.

There are 2 basic types of keys:  keys which identify a server, and keys
which are used for user authentication.  Note that they are not really
different in construction, only in the purpose they serve.

The "identifier" keys go in /etc/ssh/some_keyfile_name and
/etc/ssh/some_keyfile_name.pub and are typically created by the system
when the ssh server software is installed.

The "authentication" keys are created by the user and are stored in the
/home/username/.ssh directory.  The filenames will be something like
id_rsa and id_rsa.pub.

Keys are generated as "key pairs".  There is a private key and a public
key.  The public key ends in .pub and can be distributed freely.  It is
not a secret.  The private key is a secret, and only its owner should
have access to it.

Placing your public key on a remote server, inside the file
/home/someuser/.ssh/authorized_keys, will allow you to log into that
server as "someuser".

In the case of BackupPC, the backuppc user is the one who needs to log
in to other machines.  Therefore the backuppc user (on the BackupPC
server) is the one who needs to generate keypairs and distribute the
public keys to the host servers that need to be backed up.

Backups need to be run as a user who has permission to read all the
files that you intend to back up.  For this reason, some people have the
backuppc user on the BackupPC server log in as root to the host servers.
 A more secure method is have the backuppc user log in as a non-root
user on the host servers (it can be any username that you decide on) and
give that user special permissions to read the files that need to be
backed up.  This is usually done using "sudo".

Remember that when logging in remotely, the local username does not have
to match the remote username.  The backuppc user on the BackupPC server
can log into the host machines as "root", "backuppc", "backupguy",
"fred", or whatever you choose to set up.

Hope that helps.  Sometimes you need some background information to
complement the step-by-step instructions you find on the internet.

-Rob
********************************************************

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the addressee, any disclosure, reproduction,
copying, distribution, or other dissemination or use of this transmission in
error please notify the sender immediately and then delete this e-mail.
E-mail transmission cannot be guaranteed to be secure or error free as
information could be intercepted, corrupted lost, destroyed, arrive late or
incomplete, or contain viruses.
The sender therefore does not accept liability for any errors or omissions
in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard copy
version.

********************************************************


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] Almost working, Michael Mansour
Next by Date:  Re: [BackupPC-users] Compression during Xfer, Carl Wilhelm Soderstrom
Previous by Thread:  Re: [BackupPC-users] Almost working, Adam Goryachev
Next by Thread:  Re: [BackupPC-users] Almost working, Stephen Vaughan
Indexes:  [Date] [Thread] [Top] [All Lists]