[lbackup-discussion] Backup server and ssh permitrootlogin settings

[Scott Haneda]

At this point, I am not even using lbackup for this, and just trying a  
very basic set of rsync commands from live_host to backup_host.

In my sshd config, I have permit root logins to no.

I have set up ssh keys for passwordless logins from live_host to  
backup_host in my admin account.  I tried to do so in /var/root/.ssh  
but was not able to get that to work.

Then it dawned on me, the permit root login to no is probably what is  
causing it.

Here is a basic test: (patched rsync of course)
/opt/local/bin/rsync -aNHAXxv --protect-args --fileflags --force- 
change --rsync-path="/opt/local/bin/rsync" ~/ me at backup_host:/Users/me/ 
Desktop/foo

So, backup home dir of live_host to the desktop directory foo on  
backup_host.

All works fine, I am not bothered for a password, but I get errors  
when I hit a few root owned files I intentionally put in ~ on live_host

Obviously, I do not want to allow root logins.  I tried path="sudo / 
opt/local/bin/rsync" which asks for a password, but actually shows  
what I type in the shell, though it was not logged to .bash_history,  
so I suspect it was not doing anything.  I do not think this is a  
valid approach anyway, since I want scheduled and automated backups  
with launchd.

I suspect one way would be to allow root login form localnets, or a  
specific IP or host.  I can not seem to find how to do that.

What are some suggested, to get my simple test case working?  I  
suppose I could mount backup_host on live_host, but I do not live file  
sharing enabled on OS X on a public facing server.

Thanks for any suggestions.
-- 
Scott * If you contact me off list replace talklists@ with scott@ *