-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gereetings,
On 28. 5. 2010 1:24, Matthew Miller wrote: [...] > And you can tighten the former by restricting where the private key can be > used from and what command it can run, using from='host' and > command='rdiff-backup' on the remote system. That way, if someone does steal > the key, all that can be done is rdiff-backup. > > (This is a good idea whether or not you run as root remotely.) Thank you very much for this idea, I will reconfig my rdiff-backup solution on my machines this way ASAP, since client runs as root and private key for SSH is in the local file... Best, VooDooMan . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv/AksACgkQ1b4D/nruUWdwdgCfSu7Unp597yQcfEghDOhx6FVK ifoAoLt/gmy24koPmpaUzqBYSmsWDEzr =zekK -----END PGP SIGNATURE----- _______________________________________________ rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki