[TriLUG] copying files
Robert Dale
robdale at gmail.com
Fri Jun 22 13:44:03 EDT 2012
Or do it the other way around. Have the server initiate rsync+ssh
requests to the clients. Then you could have passphrase-less keys of
the clients on the server and have the clients trust the server's key.
Then you don't need any access from the client to the server.
On Fri, Jun 22, 2012 at 1:41 PM, Bill Farrow <bill at arrowsreach.com> wrote:
> On Fri, Jun 22, 2012 at 1:17 PM, Joseph Mack NA3T <jmack at wm7d.net> wrote:
>> Someone could take the box home and open it up.
>
> So you will have to treat the client boxes as compromised at all
> times. The only way to secure this properly is at the server.
>
> To provide a level of security, you can use the rsync daemon
> configured to have each client authenticate with a separate username
> and password, and also separate the file accesses and limit them to
> write only. All authentication is done by rsyncd and you don't need
> to create accounts on the server for each client.
>
> Therefore clients would never have shell access on the server, can
> only write files to a particular directory on the server, and do not
> have access to files from other clients.
>
> Using rsyncd might also give you a speed up because it will not
> encrypt the data during transfer. If you want encryption, use it over
> ssh.
>
> Bill
> --
> This message was sent to: Robert Dale <robdale at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web : http://www.trilug.org/mailman/options/trilug/robdale%40gmail.com
> TriLUG FAQ : http://www.trilug.org/wiki/Frequently_Asked_Questions
--
Robert Dale
More information about the TriLUG
mailing list