On Thu, Dec 04, 2003 at 10:17:57AM +0800, Ganesan Kanavathy wrote:
> I want transfer file daily to remote machine daily using cronjob.
>
> This can achieved via ftp (with the code below) but my concern is on the
> security site. Anyone can sniff and get my username and password of my
> ftp server.
>
> After doing some research I found out that I need use rsync over
> ssh/sftp to achive via a secure tunnel.
>
> To my understanding I need create public key and copy this over to the
> other server so that when ssh it will not prompt for password.
>
> Is this approach secure? Can another machine masquerade as the trusted
> host?
I personally think SSH keys without passphrase protection is a bad idea.
Rsync indeed has a "trusted" host option - you will have to run an
rsync server on your remote machine (either via xinetd or via the
--daemon option to rsync). On the remote machine, you should have an
/etc/rsyncd.conf file that looks like:
[fileupload]
path = /path/to/directory
comment = Regular Updates
read only = false
uid = localuid
gid = localgid
list = no
hosts allow = ip.address.of.client
Then run rsync from the client as (note the two ':' characters):
rsync filename remote.server.ip::fileupload
Note that in this case, the contents of the file are vulnerable to
sniffing. If you are not worried about that, then this method is fine
(I use this to sync zone files between my primary and secondary DNS
servers) - I get the impression that you are worried only about the
password going over network unencrypted.
This method too has some drawbacks; but I prefer it to passphrase-less
ssh keys.
Binand
--
Linux - It is now safe to power ON your computer.
-------------------------------------------------------
This SF.net email is sponsored by OSDN's Audience Survey.
Help shape OSDN's sites and tell us what you think. Take this
five minute survey and you could win a $250 Gift Certificate.
http://www.wrgsurveys.com/2003/osdntech03.php?site=8
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
