On 07/14 10:07 , Harry Mangalam wrote: > The downside of this for larger installation tho is that it requires > manual intervention to establish the shared ssh keys (for root!) to > allow remote tar'ing of file, no?
you should be able to set up a special account on each client machine, which uses sudo to run tar with root privs. Then set up the ssh key to only allow the tar command to be run. (with the command= option in the dsa key on the client side). this is how I back up my machines, and avoid doing a passwordless ssh login as root. > (so does the rsyncd config, but in that case all you have to do is > place the "rsyncd.[conf|secrets]" files on the client. (with a > different rsyncd.secrets password for each client of course; > otherwise any client could rsync/read the contents of any other > client). set up your rsyncd to only allow connections from the backup server. :) -- Carl Soderstrom Systems Administrator Real-Time Enterprises www.real-time.com ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
