From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-127117-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1QuSza-0000bZ-JE
	for garchives@archives.gentoo.org; Fri, 19 Aug 2011 17:36:26 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 9E77E21C196;
	Fri, 19 Aug 2011 17:36:11 +0000 (UTC)
Received: from mail-ey0-f171.google.com (mail-ey0-f171.google.com [209.85.215.171])
	by pigeon.gentoo.org (Postfix) with ESMTP id 4BFA821C06A
	for <gentoo-user@lists.gentoo.org>; Fri, 19 Aug 2011 17:35:11 +0000 (UTC)
Received: by eyg24 with SMTP id 24so1592235eyg.16
        for <gentoo-user@lists.gentoo.org>; Fri, 19 Aug 2011 10:35:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type:content-transfer-encoding;
        bh=l+vwtUUUjhu0yYvAPUJ0nLCdngE4eJp3kusyOCIQnBk=;
        b=lNCWEuYZEdeAF0Du87WTs6yVsaedPD3QrgSWd9cDCG24yTi72uBIWuna6Uo3NNh/XE
         A0nxxPobbeh7ZL1fzhdrh/ThmFXcbarRe7caxc3ntMk02tCD0QxPx1xhvIh8kobZ/9SE
         VcLF/UU2nAWnhgX+/IOk6ygwQHrg4pH9bBS/M=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.14.97.66 with SMTP id s42mr9788eef.44.1313775310460; Fri, 19
 Aug 2011 10:35:10 -0700 (PDT)
Received: by 10.14.100.140 with HTTP; Fri, 19 Aug 2011 10:35:10 -0700 (PDT)
In-Reply-To: <2884643.h5uTXF1KYh@eve>
References: <CAN0CFw3OreQZtLVy45A_b-dZp8j8Yw1Lbvb_dyNc341fByuynA@mail.gmail.com>
	<54732072.QyOj10dyxT@eve>
	<CAN0CFw2G3CyXZXz+yFFavhqGz1qA4mKGiKQ1AkRz0+OiFVzuBA@mail.gmail.com>
	<2884643.h5uTXF1KYh@eve>
Date: Fri, 19 Aug 2011 10:35:10 -0700
Message-ID: <CAN0CFw2zZDcWttCBE+PiFSMpST9PMydwLVmC2EnfUqN4C5oxuQ@mail.gmail.com>
Subject: Re: [gentoo-user] {OT} rdiff-backup: push or pull?
From: Grant <emailgrant@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: 2fdc5f33f38e4438ce17f620b7dd604b

>> >> I'm setting up an automated rdiff-backup system and I'm stuck between
>> >> pushing the backups to the backup server, and pulling the backups to
>> >> the backup server. =A0If I push, I have to allow read/write access of=
 my
>> >> backups via SSH keys. =A0If I pull, I have to enable root logins on e=
ach
>> >> system to be backed-up, allow root read access of each system via SSH
>> >> keys, and I have to deal with openvpn or ssh -R so my laptop can back
>> >> up from behind foreign routers. =A0The conventional wisdom online see=
ms
>> >> to indicate pulling is better, but pushing seems like it might be
>> >> better to me. =A0Do you push or pull?
>> >
>> > I would push, to be honest.
>>
>> What can be done about the fact that any attacker who can break into a
>> system and wipe it out can also wipe out its backups? =A0That negates
>> one of the reasons for making the backups in the first place.
>
> True, except if, after a backup is finished, you move the actual backup t=
o a
> different location. (Or you backup the backup server)

I do back up the backup server to another system via rsync, but if the
backups on the backup server are wiped out, rsync will wipe them out
on the other system too.

> I store all important files on my server and the backups there can not be
> accessed from the fileserver itself. (That backup is done in "pull" mode =
every
> night.)

I thought you were in favor of "pushing"?  How do you back up to a
system that can't access the backups?

>> Should private SSH keys be excluded from the backup? =A0Should anything
>> else be excluded?
>
> When a host is compromised, the corresponding entries in the "authorized_=
keys"
> should be removed from all other servers/hosts. This will make those priv=
ate
> keys useless.

So it's OK to back up a private key to another system?  I just want to
make sure I'm not breaking a "good admin" rule by doing this.

- Grant