Re: [BackupPC-users] cygwin-rsyncd-3.1.2.0

[tbuchanan]

Hi Yves, I would be interested in getting the newer version of the 
cygwin-rsyncd package if possible.  I'm having problems with a Windows 10 
backup and would like to see if this is the answer.  Thank you.


-- 
Ted Buchanan
Computer/Network Analyst 
tbucha...@vinu.edu



From:   "GMail YO" 
To: 
Date:   12/01/2016 08:10 AM
Subject:[BackupPC-users] cygwin-rsyncd-3.1.2.0



Hi all,
 
I?m testing a new package BackupPC/cygwin-rsyncd.
It?s based on rsync 3.1.2 with all other upgraded tools (cygwin, 
cygrunsrv, blat, doc)
Quite a simple job going from 3.0.9 package and replacing all I found in 
it.
 
Are you interested to get it ?
 
.YO.
--
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/




--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/

Re: [BackupPC-users] ssh and Mac 10.12 Sierra

[Holger Parplies]

Hi,

Adam Goryachev wrote on 2016-11-30 09:03:01 +1100 [Re: [BackupPC-users] ssh and 
Mac 10.12 Sierra]:
> [...]
> > After permitting root log in the sshd_config file, [...] I could do
> > an ssh from the BPC server to the mac without password.

that is correct - if you are using the root user, root login needs to be
*allowed*. It can be forbidden altogether in /etc/ssh/sshd_config (on Linux
systems, path may vary on other systems), and that would prevent backups
from working. I have no idea how MacOS/X sets this up by default, but it's
definitely a thing to check.

> > [...] However, it quit quickly, with an ???Unable to read 4 bytes error.???
> However, when I set the client name alias to the ip address, it seems to
> have taken. It has been running a backup for 10 minutes, so hopefully that
> is it.

That is strange. The only things I could think of to explain this would be
either a messed up ~backuppc/.ssh/config or messed up DNS resolution,
resulting in BackupPC contacting the wrong server or using the wrong options
when you specify the host name, both of which sound unlikely.

> I would suggest that you revert the ssd_config so that you can benefit 
> from the improved security of rejecting password based root login. 

The thing to note here is that /etc/ssh/sshd_config (or wherever that may
be on MacOS/X) should probably contain

PermitRootLogin without-password

whereas

PermitRootLogin no

*will not work* (for you, that is; people using a different account combined
with 'sudo' can even use this setting).

PermitRootLogin yes

will work but may be less secure. If *you* don't *need* it, don't use it.
***BackupPC does not need or even use it in any case.***

There is a fourth variant which could also be used with BackupPC, but *it
would require additional setup*:

PermitRootLogin forced-commands-only

Since BackupPC may generate different argument lists to rsync, and ssh forced
commands only allow one fixed argument string, you would need a wrapper script
to accommodate for this case. If you don't understand what I'm talking about,
just ignore it and set PermitRootLogin to without-password. I'm just
mentioning it, because sshd_config(5) expressly says

 If this option is set to ``forced-commands-only'', root login
 with public key authentication will be allowed, but only if the
 command option has been specified (which may be useful for taking
 remote backups even if root login is normally not allowed).

This is correct, but, again, will require additional configuration.

To sum it up:

PermitRootLogin
yes .. ok, less secure
no ... not ok
without-password . ok, recommended setting
forced-commands-only . not ok without additional consideration/configuration

Hope that helps.

Regards,
Holger

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/