From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-127123-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QuVEK-0003ok-SZ
	for garchives@archives.gentoo.org; Fri, 19 Aug 2011 19:59:49 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 6E41B21C309;
	Fri, 19 Aug 2011 19:59:35 +0000 (UTC)
Received: from mail-ew0-f53.google.com (mail-ew0-f53.google.com [209.85.215.53])
	by pigeon.gentoo.org (Postfix) with ESMTP id CDB4C21C304
	for <gentoo-user@lists.gentoo.org>; Fri, 19 Aug 2011 19:58:46 +0000 (UTC)
Received: by ewy8 with SMTP id 8so1362795ewy.40
        for <gentoo-user@lists.gentoo.org>; Fri, 19 Aug 2011 12:58:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        bh=+v1Lqpo56X6P+JoviIlvf0riDGpPU2eJVmfQ/LByDQE=;
        b=JhIA4dM+2snCtTlGN8ZTIiyiR1EcefvqfoPRLG2QBBEOC+o6gsorGuCTub60hw06+z
         qQdxhgyF6HXKu02CEIDY2y94hSrPhBQIa8FCwJDq2wQXK6rsBRxv+WADK3N0wTY4ee1Z
         zJXsLOzABWFpkdtel8PKJXck72a2uz+XCMr4s=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.14.147.12 with SMTP id s12mr37180eej.140.1313783890332; Fri,
 19 Aug 2011 12:58:10 -0700 (PDT)
Received: by 10.14.100.140 with HTTP; Fri, 19 Aug 2011 12:58:10 -0700 (PDT)
In-Reply-To: <4E4EB426.4090401@orlitzky.com>
References: <CAN0CFw3OreQZtLVy45A_b-dZp8j8Yw1Lbvb_dyNc341fByuynA@mail.gmail.com>
	<54732072.QyOj10dyxT@eve>
	<CAN0CFw1q-GJEVMUPjzOpYYPwu+COt4j_nRX+MiOHOdoDuc8AFg@mail.gmail.com>
	<2835390.opqSYxfPPv@eve>
	<CAN0CFw1pJ57QxmsdG7xMmxjftYvRvV_XfTLg=npCJizf_grrPg@mail.gmail.com>
	<4E4E99F6.2020002@orlitzky.com>
	<CAN0CFw3G=ZAAfAimVb51=bFLmf09cHeb+PMQHBaXqmt4n1cm-g@mail.gmail.com>
	<4E4EB426.4090401@orlitzky.com>
Date: Fri, 19 Aug 2011 12:58:10 -0700
Message-ID: <CAN0CFw2tt6KvUjHNoY7g=SKNK8xLG2G-FtFUQr2pf-bOnGCNUw@mail.gmail.com>
Subject: Re: [gentoo-user] {OT} rdiff-backup: push or pull?
From: Grant <emailgrant@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: 60120e4e02f0dd476a34d0582ec6dfb8

>> Is the purpose of the Host block in .ssh/config to store the hostname
>> of the backup server so it doesn't need to be used directly in the
>> rdiff-backup command?
>
> It forces key-based authentication when connecting to the backup server.
> The default is password-based, which obviously won't work in a cron job.

I don't use an .ssh/config at all and I'm not prompted for a password
if the keys are in place.  My sshd_config is pretty much default and
my normal user is prompted for a password.

>> Why create a password for the backup user? =A0Doesn't that open up the
>> possibility of someone logging in as that user, when otherwise the
>> account would only be used for backing up files?
>
> It might work without one; in these instructions the
> machine-to-be-backed-up never connects to the backup server as root, and
> so you need a way to SCP stuff to the backup server. I usually use a
> `pwgen 16` password for these accounts and then immediately forget it,
> so nobody will log in to them for a few billion years at least.
>
> Does key-based authentication work with no password? I've never tried.

It does! :)

- Grant