BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] [newb] ssh rsync with restricted permissions

2011-03-18 11:29:00
Subject: Re: [BackupPC-users] [newb] ssh rsync with restricted permissions
From: Neal Becker <ndbecker2 AT gmail DOT com>
To: backuppc-users AT lists.sourceforge DOT net
Date: Fri, 18 Mar 2011 11:26:34 -0400 
Well before your post I tried:
command="rsync"

But this fails.  It seems BPC wants to run some other commands besides just 
rsync.  The failure said something about not being able to get the filelist.

Mike Loseke wrote:

> You can prefix the key in /root/.ssh/authorized_keys with something
> like the following:
> 
>   no-pty,no-agent-forwarding,no-X11-forwarding,no-port-
forwarding,command="rsync
> --server --sender -vlogDtprze.iL --ignore-errors --numeric-ids
> --inplace . /" ssh-rsa ...
> 
> This will force a ssh connection to start rsync rather than a shell.
> 
> On Fri, Mar 18, 2011 at 5:57 AM, Neal Becker <ndbecker2 AT gmail DOT com> 
> wrote:
>> Neal Becker wrote:
>>
>>> I'm interested in setting up linux->linux backup.  I don't like the idea of
>>> giving permission for machine1 as user backup to ssh to machine2 as root.
>>> What are the options?
>>>
>>> 1. Can ssh be restricted so that the only command user backup can run is
>>> rsync? 2. Is there an easy way (using acls?) to give a user backup read
>>> access to everything (probably not)
>>> 3. Some other options I haven't thought of?
>>>
>>>
>>
>> Maybe I can use the command=rsync option to the client's authorized_keys
>> file?
>>
>>
>> 
------------------------------------------------------------------------------
>> Colocation vs. Managed Hosting
>> A question and answer guide to determining the best fit
>> for your organization - today and in the future.
>> http://p.sf.net/sfu/internap-sfd2d
>> _______________________________________________
>> BackupPC-users mailing list
>> BackupPC-users AT lists.sourceforge DOT net
>> List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
>> Wiki:    http://backuppc.wiki.sourceforge.net
>> Project: http://backuppc.sourceforge.net/
>>
> 
> ------------------------------------------------------------------------------
> Colocation vs. Managed Hosting
> A question and answer guide to determining the best fit
> for your organization - today and in the future.
> http://p.sf.net/sfu/internap-sfd2d
> _______________________________________________
> BackupPC-users mailing list
> BackupPC-users AT lists.sourceforge DOT net
> List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
> Wiki:    http://backuppc.wiki.sourceforge.net
> Project: http://backuppc.sourceforge.net/



------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [BackupPC-users] [newb] ssh rsync with restricted permissions, Mike Loseke
Next by Date:  Re: [BackupPC-users] BackupPC Basics, Joe Konecny
Previous by Thread:  Re: [BackupPC-users] [newb] ssh rsync with restricted permissions, Mike Loseke
Next by Thread:  Re: [BackupPC-users] [newb] ssh rsync with restricted permissions, Les Mikesell
Indexes:  [Date] [Thread] [Top] [All Lists]