Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
RE: [suse-security] Secure Backup
  • From: "Ronny Martin" <rmartin@xxxxxxxxxxxxxx>
  • Date: Thu, 4 Dec 2003 10:49:23 +0100
  • Message-id: <88D162ED41C21A428A51B39614501BFC01BD7AE4@xxxxxxxxxxxxxxxxxxxxxx>
also encountered this on freshmeat before:

http://www.anarcat.ath.cx/software/bksh.en.html

Haven't used it, but it is a limited shell especially for backups over ssh.

--
Ronny Martin


> -----Original Message-----
> From: Andrei Bintintan [mailto:klodoma@xxxxxxxxx]
> Sent: Thursday, December 04, 2003 10:45 AM
> To: Mario Ohnewald; suse-security@xxxxxxxx
> Subject: Re: [suse-security] Secure Backup
>
>
> My opinion is to create a single user(which is not in the
> root list!!!!) and
> use this user to copy the backup files.
>
> You can make an arhive with your files and send only that archive.
> You will have to create the public/private key for this user
> and to copy
> first the backups in his home directory. Then with local
> script (that can
> have root privileges) you can move that file wherever you
> want. Can use also
> multiple files. (I use SCP command for copy)
>
> I see this way more secure. Don't have to access with public
> root keys and
> if a machine becomes compromized on the other only THAT single user is
> accessible. Give to that user no other rights, just for that
> backup copy.
>
> I would like to see also other ideeas.
>
> Bers regards.
> Andy.
>
> PS: i'm not that good at linux... but learning...
>
>
> ----- Original Message -----
> From: "Mario Ohnewald" <mario.Ohnewald@xxxxxx>
> To: <suse-security@xxxxxxxx>
> Sent: Thursday, December 04, 2003 11:31 AM
> Subject: [suse-security] Secure Backup
>
>
> > Hello!
> > I have two boxes and want to save a backup of each others on it.
> > So far i have created a ssh key for both machines so i can
> make a ssh
> rsync
> > to each other.
> > But the terrible sideeffect is that IF one of those boxed
> get compromized
> > the cracker will be root on both of them!!!
> >
> > My Backup script:
> > #--- START
> >
> ---------------------------------------------------------------------
> > #!/bin/sh
> > speed=500
> > verzeichnisse="etc home root boot usr/local/bin/"
> >
> > for verzeichniss in $verzeichnisse
> > do
> > find /$verzeichniss -size +10200k | rsync -avvz
> --exclude-from=-
> > --delete -e "ssh" /$verzeichniss bortal.de:/backup/sts/
> > done
> > #--- END
> >
> --------------------------------------------------------------
> -----------
> >
> >
> > I need to save it on each other because both have a 100MBit Internet
> > connection which makes a restoring backup easy! So a tape
> Backup is not
> really
> > possible. :/
> >
> > Any ideas/hints?
> >
> >
> > Cheers, Mario
> >
> > --
> > +++ GMX - die erste Adresse für Mail, Message, More +++
> > Neu: Preissenkung für MMS und FreeMMS! http://www.gmx.net
> >
> >
> >
> > --
> > Check the headers for your unsubscription address
> > For additional commands, e-mail: suse-security-help@xxxxxxxx
> > Security-related bug reports go to security@xxxxxxx, not here
> >
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
>



< Previous Next >
References