On 10/13/07, Alan Cheers <[EMAIL PROTECTED]> wrote: > If you had multiple people making rsync backups over ssh wouldn't it be > preferred to use the single-use daemons from a security standpoint? If > multiple people use this method I would want to limit the chance of somebody > being able to grab or overwrite somebody else's data. Which do you think is > better for a multiuser setup?
If the users have full shell accounts on the destination system (or you are willing to give them accounts), then each user can push backups to his/her own account over ssh and can't access anyone else's backups. A single-use daemon could optionally be used for the convenience of having the backups rotated automatically but would not be involved in the security model. If the users do not have shell accounts, then the daemon becomes important as a gatekeeper. The easiest setup would use a background (opposite of single-use) daemon with one module for each user. A user would authenticate to the daemon using a username/password configured in the daemon's secrets file and could then access only his/her own module according to the "auth users" setting in the rsyncd.conf. Note that the daemon protocol provides neither encryption nor integrity-checking for the connection, so if there is the potential for untrusted people to tap the connection, you should protect it somehow. One relatively easy way is to convert the daemon to a single-use daemon over ssh, create an authorized key that has a forced command that invokes the single-use daemon, and publish the authorized key for everyone to use. This way, any user can log in through ssh and know they have a secure connection to the daemon, but then he/she must authenticate to the daemon to gain access to modules. Note: If you intend to deploy rsync for a specific purpose (rather than just learn about it), it would help if you gave me the entire picture now instead of revealing it piece by piece. Let's bring this conversation onto the list in case the information is useful to others in the future. Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html