On Thursday 25 February 2010 17:15:36 Ward Poelmans wrote: > On Wed, Feb 24, 2010 at 21:51, Neil Bothwick <n...@digimed.co.uk> wrote: > > It looks interesting, and no program is that good that alternatives > > should never be considered, but I really like the way BaclupPC works. > > Everything is handled by the server, all you need to do on each client is > > copy the backuppc user's public key to /root/.ssh/authorized_keys. > > Well, that's one of the things i don't like. Is there backup software > where the client does the backup to the server and not the server > fetching the backup from the client? I can't find a good way to take > regular backup's from laptop that come and go.
Never mind the massive security issues resulting from the backup server logging into the clients with a passphrase-less key, AS ROOT. Which means you now have to open up root logins over ssh on the clients. And someone gets into your backup server, BANG! instant pwnage of every single machine on your network. Heck, you don't even have to try and compromise the local root account, you already have full unfettered access to everything anyway. Worse, I'll bet the server software runs as an unpriviledged user, so you can just bypass the bit where you have to compromise root there as well. It all looks like a classic case of sacrificing any and all security in the name of mere convenience. I have the same running battle at work, some idiot (probably in marketing getting a kickback) wants me to run a frigging JAVA backup app on my mission critical servers, the ones with 500+ users on them most of them chancers of the first order. They didn't understand the irony when I suggested I should just dispense with passwords and keys altogether and chmod -R 777 / A much better way is to run a dedicated agent on the client. If the server needs to schedule backups, it can ask the agent to do so using regular tcp traffic. The client can then do it's backup and rsync it over to the server when it's done, and that push can be done as a regular user on both ends. The actual backing up on the client must be done by root of course, no other user has the necessary access. -- alan dot mckinnon at gmail dot com
