[lbackup-discussion] Backup server and ssh permitrootlogin settings

[henri]

> In my sshd config, I have permit root logins to no.

Okay I understand.


> I have set up ssh keys for passwordless logins from live_host to  
> backup_host in my admin account.  I tried to do so in /var/root/.ssh  
> but was not able to get that to work.

One thing to consider, with regarding providing access to the backup  
system, from the system you are backing up; should the machine you are  
making backups from be compromised then there will be somewhere on the  
backup system with write permissions allowed from the machine you are  
backing up. This is potentially dangerous. Further information is  
available from the following link :

http://connect.homeunix.com/lbackup/network_backup_strategies


> Then it dawned on me, the permit root login to no is probably what  
> is causing it.
>
> Here is a basic test: (patched rsync of course)
> /opt/local/bin/rsync -aNHAXxv --protect-args --fileflags --force- 
> change --rsync-path="/opt/local/bin/rsync" ~/ me at backup_host:/Users/ 
> me/Desktop/foo
>
> So, backup home dir of live_host to the desktop directory foo on  
> backup_host.
>
> All works fine, I am not bothered for a password, but I get errors  
> when I hit a few root owned files I intentionally put in ~ on  
> live_host

One option is to set these files to be owned by the person who is  
backing them up?

> Obviously, I do not want to allow root logins.  I tried path="sudo / 
> opt/local/bin/rsync" which asks for a password, but actually shows  
> what I type in the shell, though it was not logged to .bash_history,  
> so I suspect it was not doing anything.  I do not think this is a  
> valid approach anyway, since I want scheduled and automated backups  
> with launchd.

It is possible to configure sudo for a user so that it will not  
require a password. Although I would not personally recommend this  
approach.

Also, threads from the following rsync mailing list archives should be  
helpful for you :

http://lists.samba.org/archive/rsync/2009-January/022594.html
http://lists.samba.org/archive/rsync/2009-September/023834.html


> I suspect one way would be to allow root login form localnets, or a  
> specific IP or host.  I can not seem to find how to do that.

This would be a question for the SSH mailing list. Although, I am  
aware that using the command option within ssh may be used to specify  
which be used to restrict the use of a key to an IP address for  
example. This is similar to the information at the following link : http://connect.homeunix.com/lbackup/network_backup#wrapper_usage

Essentially, is possible to put other information into the command  
section of the authorized hosts configuration file.

Another alternative is to consider a firewall? Although, this would  
completely restrict access to the SSH service. Probably, not what you  
are after. I think that if you do not find what you are looking for  
with regards using the command section of the authorized hosts  
configuration file then I would recommend the SSH mailing lists. What  
ever information you discover would be welcomed on this list.

Chances are there is a way to do this from the sshd configuration.  
However, I am not aware of how to configure this. If you work it out  
then please consider adding this information to the LBackup  
documentation or passing it along to me to add.


> What are some suggested, to get my simple test case working?  I  
> suppose I could mount backup_host on live_host, but I do not live  
> file sharing enabled on OS X on a public facing server.

I would not recommend a push backup.

If you have any further questions then please let me know. I will try  
to help.