Menu
▾
▴
Re: [BackupPC-users] security & web server questions
|
From: Les M. <les...@gm...> - 2013-06-30 17:49:34
|
On Sun, Jun 30, 2013 at 12:24 PM, Grant <ema...@gm...> wrote:
>>> On Linux, how is communication between the clients and the backup
>>> server achieved as far as security? Does the backup server pull or do
>>> the clients push and as which user?
>>
>> This depends on the transfer method:
>> - tar and rsync tunnel their data over ssh -> secure.
>
> I would use this.
>
>> And as reading the basic docs of backuppc tell you, the server pulls
>> the changes from the clients automatically or when told via the
>> web-interface.
>
> Does that mean the server has root read access to the entire
> filesystem of each of the clients via SSH keys?
And usually write access as well. Some people use a different login
on the clients adding sudo with restrictions on the command that can
be run as root. You can also use restrictions with an ssh key for
some control over the allowed commands, but you can't really get
around the need to read anything you want to back up and to write if
you want to restore.
--
Les Mikesell
les...@gm...
|