[nycbug-talk] rsync only for backups
Francisco Reyes
lists
Fri Nov 11 12:58:16 EST 2005
On Wed, 9 Nov 2005, George R. wrote:
> Have been using this for a few clients to do rsync with OpenSSH on Windows,
> so thought I'd spread the word.
> http://freebsdwiki.net/index.php/SSH:_Limiting_to_SCP_or_Rsync_only
I recently saw a port for that type of work.
http://www.freebsd.org/cgi/url.cgi?ports/shells/scponly/pkg-descr
The port can also be configured to use unison instead of rsync.
Plan to try the port this weekend and will report back to the list.
> This is not a 100% secure solution as the user can rsync/scp/sftp to anywhere
> that they have rights to. . . but at least it's a start.
True, but it's more secure than a regular shell.
My plan is to setup a long password, which I will
never use, and to setup a passwordless key.
* Machine A where data will be copied
Has passwordless key
Data will be copied to it.
* Machine B has public key in ~/.ssh/authorized_keys2
User has scponly shell
User has very long password, which I never plan to use.
Data is coming from that machine
More information about the talk
mailing list