dump and remote file fetching
bsd
bsd at todoo.biz
Sat Jun 7 13:24:43 UTC 2008
What I do :
Allow ssh access only using key "PubkeyAuthentication yes"
Allow root access
Create a root ssh Pubkey
Automate the access using any script based on ssh…
If you want to be more restrictive, you can deploy a firewall localy
on your server and limit ssh access to one or more selected IPs.
Bye //
Le 28 mai 08 à 07:53, Zbigniew Szalbot a écrit :
> Hi there,
>
>>> Need a word of advice. I use dump to backup my data. All fine.
>>> Dump saves compressed *.bz2 files. Nice. All I need now is a way
>>> to copy them from the server to a remote backup machine. The
>>> problem I am facing is that bz2 files are owned by root:wheel. So
>>> if I use scp user at domain.tld:/path/to/*.bz2, it does not have
>>> sufficient permissions to fetch the files. I can use sudo, but
>>> then I need to interactively type the password, which I would like
>>> to avoid.
>>> Can you suggest simple ways of getting around this? I don't mind
>>> using special tools for the job, especially if they are not too
>>> complicated... :)
>>> Before firing this email off I took a look at rsync and it seems
>>> easy enough to do just what I need but still many thanks for
>>> suggestions!
>> I have been very happy with rsnapshot. Take that for a spin and
>> see how it works for you
>
> I have taken a look at rsnapshot but it seems I am left to deal with
> the same problem:
>
> From their page:
> In addition to full paths on the local filesystem, you can also
> backup remote systems using rsync over ssh. If you have ssh
> installed and enabled (via the cmd_ssh parameter), you can specify a
> path like:
>
> backup root at example.com:/etc/ example.com/
>
> This behaves fundamentally the same way, but you must take a few
> extra things into account.
>
> a/ The ssh daemon must be running on example.com
> b/ You must have access to the account you specify the remote
> machine, in this case the root user on example.com.
>
> I do not allow remote root login so what are my options in that
> case? How do you deal with such a scenario? Many thanks!
>
> --
> Zbigniew Szalbot
> www.lc-words.com
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org
> "
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
More information about the freebsd-questions
mailing list