At 13:40 1-8-2001, you wrote:
On Tue, Jul 31, 2001 at 02:57:21PM +0200, Holger van Lengerich wrote:
Hi,
Use public key authentication as opposed to hard coding the username and password.
Authorization through .shosts or .ssh/authorized_keys should work fine (man ssh). But using an RSAkey without password isn't more secure than using a stored plaintext-password. ;-)
Maybee it's my ignorance .. but wouldn't it be easier to backup the files into a password-protected directory and downloading it from there over ssl / https ?? Then u would keep ur server secure and the backup-machine can be protected all u want as long as it's able to download the file with a script. All u would need to do then is make sure both machines are secured & nobody can read the "client" script wich knows the passwd. J