On 30-11-11 20:01, John Hinton wrote:
> On 11/30/2011 1:55 PM, Benjamin Donnachie wrote:
>> On 30 Nov 2011, at 18:51, Les Mikesell<lesmikesell@xxxxxxxxx> wrote:
>>
>>> Ssh is mostly about being able to log in.
>> I've always adopted the policy of disabling root logins, making admins
>> use a separate account with public/private key authentication and then
>> requiring them to use su to elevate privileges.
>>
>> Has the advantage that your logs will tell you who logged in and
>> performed an action rather than the vague 'root'.
>>
>> Ben
>>
> How would you automate daily logins from another server to do something
> like rsync the entire /etc directory to a backup system?
Maybe the sshd_config option "PermitRootLogin forced-commands-only"
could help? This allows root logins but limits which command(s) can be
executed. There is a description of how this works here:
http://troy.jdmz.net/rsync/index.html
Regards,
Patrick
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
