Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] SSH capable version of dump
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Fri, 11 Aug 2000 19:22:24 +0200 (MEST)
  • Message-id: <Pine.LNX.4.21.0008111919360.1206-100000@xxxxxxxxxxxx>
> So there are two questions:
> - Does anybody know about a version of dump that is able to
> cooperate with SSH?

.From the dump manpage:


RSH Dump uses the contents of this variable to determine the name
of the remote shell command to use when doing remote backups
(rsh, ssh etc.). If this variable is not set, rcmd(3) will
be used, but only root will be able to do remote backups.

> - Another solution would be to keep r-services open and restrict them to local
> hosts via /etc/hosts.deny, /etc/hosts.allow and the tcpd. Are there any
> security implications with this solution that I missed?

Hmmm. Running the daemons may be considered a security problem in the
first place. Once you switched to ssh, you might not need the r-services
any more. The only drawback I can see is performance with filetransfers.

> Thanks,
> Thomas

- -
| Roman Drahtm├╝ller <draht@xxxxxxx> "Caution: Cape does not |
SuSE GmbH - Security enable user to fly."
| N├╝rnberg, Germany (Batman Costume warning label) |
- -

< Previous Next >
Follow Ups