Re: [rdiff-backup-users] my usage model assumptions

[Fred]

Having thought about my assumptions some more, I realized that I'm
asking for the rsync usage model.  It's possible to run an rsync server 
directly (without ssh) on a specific port, and to limit access for the
clients.

On Wed, 2004-02-18 at 00:06, Keith Edmunds wrote: 
> I have been using rdiff-backup for a well over a year with the cron jobs
> on the client rather than the server. It isn't hard to do - I used the
> principles outlined in the 'unattended rdiff-backup' document. If you
> have problems implementing this then shout and I'll see if I can help.

Thanks for the offer; I've got it working on the clients too.  I'm just
not totally happy with the arrangement.

> In principle, my setup is that the cron job on the client runs as root,
> but runs on the server under a non-priv'd account. It is therefore
> relatively simple to restrict writes to the client's own directory tree.

Yes, that's a good idea.  I just figured out another way to do this,
which is to add --restrict to the .authorized_keys2 file in the
"unattended rdiff-backup" document:

        primary# cat >>/root/.ssh/authorized_keys2 <<EOF
        command="rdiff-backup --server --restrict /var/backups" ssh-rsa 
AAAAB3NzaC1yc2EAAAAB[...] address@hidden
        EOF

> This I have not done (although, coincidentally, I have an ssh-related
> problem which means I'd like to avoid ssh for one of my clients.
> However, rdiff-backup does have the '--remote-schema' switch which
> should pave the way to achieving what you want. I'd be interested to
> know how you get on, though.

I may no longer have time to work on this now but when I do I will let
you know what I come up with.

On Wed, 2004-02-18 at 02:27, David Kempe wrote:
> on windows we use plink with the remote-schema .
> it works pretty well - an example is in the archives.
> I think you need an ssh transport at this stage - how else to do you 
> start rdiff-backup --server?

Perhaps with inetd?

Fred