Hi, I'm trying to figure out a way to secure my backuppc installation. I'm running it on a Debian box. The server and most of the clients are running Debian/unstable, with one running Debian/testing and I will probably convert my laptop from Debian/unstable to Ubuntu.
With the default installation method, you are supposed to create an ssh key for root on each of the client machines, and one for the backuppc user on the server. Unfortunately, the ideal way to create the key would be to use a passwordless ssh key, a method with which I am not overly comfortable. I considered using the ssh-agent and ssh-add...But if a machine (especially a remote one) reboots, the agent gets lost and you have to lay hands on the box to re-establish the ssh-agent. I saw on the ssh page on the backuppc site that someone had set up sudoers and used a non-privileged account to do backup. I was thinking about taking this a step further. I had considered setting up either OpenVPN (which I already use externally) or stunnel to use ssl to tunnel the backups and authentication. The other option I am looking at is to use the capability in ssh to assign specific commands to a key. Since I am using the tar method, what other commands besides /bin/tar would be needed for backuppc? I would also be interested in hearing how others have tackled this issue. Regards, --b ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
