Hi,
After years of using it, I've found that each Scheduled Backup create one text file with all the SSH connexion informations in clear text in /etc/webmin/virtual-server/backups
I'm on Centos7.6 and I've chosen "Only store hashed password".
Why is it like that?
Thanks
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The reason is that you need to deal with passwords in non-interactive way and it's getting authenticated as:
ssh://root:password@192.168.122.2:/tmp/backup
Remote SSH client just needs to know the password as it is.
Using password for SSH not considreded to be a good practice. I would recommend generating the keys that could be used particularly for the given server's backup, with particular (non-su user) for the most security. However, if your system is compromised and your private key is possessed, it wouldn't matter whether you're using password authentication or not.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Old post however, @rostovtsev : In the Webmin Scheduled Backup page, I want to send backups to a different server via scp, using an account that can only connect using an ssh key pair. The page has a space for username and password, how can I store the private key? The account only exists on the server not on the webmin (client). I tried putting the key in /root/.ssh and also tried creating the account on the client and putting it in /home/accountname/.ssh but Webmin does not pick that up. Thank you in advance.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
After years of using it, I've found that each Scheduled Backup create one text file with all the SSH connexion informations in clear text in /etc/webmin/virtual-server/backups
I'm on Centos7.6 and I've chosen "Only store hashed password".
Why is it like that?
Thanks
Hi, Marc.
The reason is that you need to deal with passwords in non-interactive way and it's getting authenticated as:
Remote SSH client just needs to know the password as it is.
Using password for SSH not considreded to be a good practice. I would recommend generating the keys that could be used particularly for the given server's backup, with particular (non-su user) for the most security. However, if your system is compromised and your private key is possessed, it wouldn't matter whether you're using password authentication or not.
Old post however, @rostovtsev : In the Webmin Scheduled Backup page, I want to send backups to a different server via scp, using an account that can only connect using an ssh key pair. The page has a space for username and password, how can I store the private key? The account only exists on the server not on the webmin (client). I tried putting the key in /root/.ssh and also tried creating the account on the client and putting it in /home/accountname/.ssh but Webmin does not pick that up. Thank you in advance.
I would suggest:
Note: Omit entering password when using the key.