[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Secure Backup




if you really need the permissions etc.,
run on the target as root,
log in unpriviledged on the source.
on the source, you can even have a "forced command"
configured for your ssh key.
in case you for some reason really want to run as root on the
source box, too, forced command is your best friend, since
then the "attacker" only has access to the files, which he
obviously has already anyways (at least to their most recent
backup).

man sshd
.ssh/authorized_keys2 file format
command='...'

	Lars Ellenberg

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here