Although it's a bit confusing, the man page for rsync describes how to invoke SSH to as your remote shell, and the manpage for SSH describes how to do key-based authentication. Taken together, these methods can help when a normal user environment is not present (e.g. in a web script, or from cron). This webpage offers a good explanation of HOWTO http://troy.jdmz.net/rsync/index.html
Greg Rundlett On Mon, Jun 25, 2012 at 1:14 PM, Daniel Convissor < dani...@analysisandsolutions.com> wrote: > Hi David: > > > It was very wise of Hans to also recommend to create > > /home/apache instead of using the default /var/www because a nasty user > > could have easily accessed the .ssh directory there and gotten the > > public/private keys, and the known hosts. > > Well, they still do. Though the attacker would have to be able to > add/edit a script on your server, putting in code that reads the > files from the /home/apache dir. > > --Dan > > -- > T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y > data intensive web and database programming > http://www.AnalysisAndSolutions.com/ > 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 > _______________________________________________ > New York PHP User Group Community Talk Mailing List > http://lists.nyphp.org/mailman/listinfo/talk > > http://www.nyphp.org/show-participation >
_______________________________________________ New York PHP User Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/show-participation
