Dump | Restore

[cpghost]

On Mon, Apr 20, 2009 at 12:46:05PM +0200, Wojciech Puchar wrote:
> use rsh not ssh unless you really need encryption.

Sure, you *could* do that, but be sure to encrypt *and* sign the
backup stream beforehand, e.g. using openssl or gnupg... And even
then, anyone sniffing that poorly encrypted (at layer 2) wireless LAN
connection could still hijack the password, log into the backup host,
and delete or corrupt the (encrypted) dump files.

Perhaps it's better to use ssh anyway, even for encrypted and signed
dump files. Creating and transfering a couple of key files to the
clients and backup host and using ssh(1) is not hard. Really not. ;-)

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/