You can prefix the key in /root/.ssh/authorized_keys with something
like the following:

  no-pty,no-agent-forwarding,no-X11-forwarding,no-port-forwarding,command="rsync
--server --sender -vlogDtprze.iL --ignore-errors --numeric-ids
--inplace . /" ssh-rsa ...

This will force a ssh connection to start rsync rather than a shell.

On Fri, Mar 18, 2011 at 5:57 AM, Neal Becker <ndbecker2 AT gmail DOT com> wrote:
> Neal Becker wrote:
>
>> I'm interested in setting up linux->linux backup.  I don't like the idea of
>> giving permission for machine1 as user backup to ssh to machine2 as root.
>> What are the options?
>>
>> 1. Can ssh be restricted so that the only command user backup can run is
>> rsync? 2. Is there an easy way (using acls?) to give a user backup read 
>> access
>> to everything (probably not)
>> 3. Some other options I haven't thought of?
>>
>>
>
> Maybe I can use the command=rsync option to the client's authorized_keys file?
>
>
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users AT lists.sourceforge DOT net
> List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki:    http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/
>

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/