Hi all, I am looking to implement an OpenBSD server as a backup server.
Critically, it will provide backup to untrusted clients, so I need the setup to be robust against an adversary in possession of the access codes. Does anyone have recommendations for a solid setup? My current plan is: - create a restricted user that has ssh access to the machine - use rrsync, lock down the shell of the restricted user following the recommendation of rrsync - use rsnapshot on top of this Any feedback welcome, thanks! Jake
