From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NkgFw-0006jT-Q6 for garchives@archives.gentoo.org; Thu, 25 Feb 2010 16:08:05 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0CE20E0F23 for ; Thu, 25 Feb 2010 16:08:04 +0000 (UTC) Received: from ey-out-1920.google.com (ey-out-1920.google.com [74.125.78.148]) by pigeon.gentoo.org (Postfix) with ESMTP id D4305E0B70 for ; Thu, 25 Feb 2010 15:43:37 +0000 (UTC) Received: by ey-out-1920.google.com with SMTP id 5so78389eyb.40 for ; Thu, 25 Feb 2010 07:43:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:references:in-reply-to:mime-version:content-type :content-transfer-encoding:message-id; bh=gFEfhTWjYAUnf+z4wms8RZJ3HVgWo+H6edrYO0Iqkgw=; b=j9rYYj9XOOD5YaUYuuoj2LhhJPESkzPXPm8MHiBEWEViEnmTsTAELas50UA7o63TQt +16tiDQhN34q6ppYQv1hLdeE621YBYBi2Z3fVeL6AeZw8jkst4qRWwi15yi49qUR/o1v cxAp3uIYDSx4zVy/tlmEwvSgxV96bcRf/80O8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id; b=UAFzxrKGdj2XxxzAIgOeuvUzlJJNj0NIUcjThgwk4FQ/1pv6FCaU8gRx7fwnlWGtRp 6A+afGzYTwCpR94OxOTddgTu0zMEivl4Fr9BVE19xlkqqdCHPmNXpzLQ2oP3JtYHczqV Yk5deMXQSx3kf+lVfy63MYjoP6uFv9Xk8pS+I= Received: by 10.213.38.3 with SMTP id z3mr1219278ebd.69.1267112617196; Thu, 25 Feb 2010 07:43:37 -0800 (PST) Received: from nazgul.localnet (196-210-153-205-rrdg-esr-2.dynamic.isadsl.co.za [196.210.153.205]) by mx.google.com with ESMTPS id 15sm1512236ewy.8.2010.02.25.07.43.35 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 25 Feb 2010 07:43:35 -0800 (PST) From: Alan McKinnon To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] rsync backup system Date: Thu, 25 Feb 2010 17:41:13 +0200 User-Agent: KMail/1.13.0 (Linux/2.6.32-zen6; KDE/4.4.0; x86_64; ; ) References: <49bf44f10911190844i5cb77185me60d5eb44ff2bfc7@mail.gmail.com> <20100224205159.71dd79be@digimed.co.uk> In-Reply-To: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <201002251741.13525.alan.mckinnon@gmail.com> X-Archives-Salt: cb46550b-bdf5-4824-b7dc-3d59dc8c7e88 X-Archives-Hash: f21944832f0793f7d19b1116aab9ecb9 On Thursday 25 February 2010 17:15:36 Ward Poelmans wrote: > On Wed, Feb 24, 2010 at 21:51, Neil Bothwick wrote: > > It looks interesting, and no program is that good that alternatives > > should never be considered, but I really like the way BaclupPC works. > > Everything is handled by the server, all you need to do on each client is > > copy the backuppc user's public key to /root/.ssh/authorized_keys. > > Well, that's one of the things i don't like. Is there backup software > where the client does the backup to the server and not the server > fetching the backup from the client? I can't find a good way to take > regular backup's from laptop that come and go. Never mind the massive security issues resulting from the backup server logging into the clients with a passphrase-less key, AS ROOT. Which means you now have to open up root logins over ssh on the clients. And someone gets into your backup server, BANG! instant pwnage of every single machine on your network. Heck, you don't even have to try and compromise the local root account, you already have full unfettered access to everything anyway. Worse, I'll bet the server software runs as an unpriviledged user, so you can just bypass the bit where you have to compromise root there as well. It all looks like a classic case of sacrificing any and all security in the name of mere convenience. I have the same running battle at work, some idiot (probably in marketing getting a kickback) wants me to run a frigging JAVA backup app on my mission critical servers, the ones with 500+ users on them most of them chancers of the first order. They didn't understand the irony when I suggested I should just dispense with passwords and keys altogether and chmod -R 777 / A much better way is to run a dedicated agent on the client. If the server needs to schedule backups, it can ask the agent to do so using regular tcp traffic. The client can then do it's backup and rsync it over to the server when it's done, and that push can be done as a regular user on both ends. The actual backing up on the client must be done by root of course, no other user has the necessary access. -- alan dot mckinnon at gmail dot com