[CentOS] Howto: Extremely tight security rsync shell for backups
m.roth at 5-cent.us
m.roth at 5-cent.usMon Sep 23 21:44:54 UTC 2013
- Previous message: [CentOS] Howto: Extremely tight security rsync shell for backups
- Next message: [CentOS] Howto: Extremely tight security rsync shell for backups
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Lists wrote: > On 09/23/2013 01:50 PM, Les Mikesell wrote: >> Is there something that convinces you that sudo is better at handling >> the command restriction than sshd would be? > > In the context of a production server, the idea is to remove any ability > from another host (EG: backup server) to run local arbitrary code or > change local files. (read-only) <snip> > You can disable the password on the backup account to achieve a similar > effect using an SSHD option. If there's a better/simpler way to do this > via SSHD option I'd love to hear about it! > Sure. You disable password authentication, and allow keys only, in /etc/ssh/sshd_config. mark
- Previous message: [CentOS] Howto: Extremely tight security rsync shell for backups
- Next message: [CentOS] Howto: Extremely tight security rsync shell for backups
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list