[rdiff-backup-users] Security problem with rdiff over ssh?

[feffer]

Great hints here, I especially liked the idea of hardening sshd_config and the 
.ssh/authorized_keys file.

> Unless you lose the private key, this is secure. But double-check that
> root can login *only* using the key
> (set
> PermitRootLogin without-password
> or even
> PermitRootLogin forced-commands-only
> in sshd_config...
 Although I'm using rdiff-backup now, I was a little bit dishonest about the 
question. I'm considering using rsync to backup my / filesystems, and perhaps 
using rdiff for data files only. So in testing rsync, the permissions/ownership 
issue is a bit different; they aren't stored separately on the server. I tried 
using sudo, but couldn't get this work. IE, I have a special ordinary user, 
"bak" and set sudoers to allow bak to run rsync and ssh. Probably doing 
something wrong, but I'm not really liking that approach. Lots of good 
suggestions here.

+----------------------------------------------------------------------
|This was sent by address@hidden via Backup Central.
|Forward SPAM to address@hidden
+----------------------------------------------------------------------