Re: Howto: Extremely tight security rsync shell for backups

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Lists wrote:
> On 09/23/2013 02:44 PM, m.roth@xxxxxxxxx wrote:
>> Lists wrote:
>>> On 09/23/2013 01:50 PM, Les Mikesell wrote:
>>>> Is there something that convinces you that sudo is better at handling
>>>> the command restriction than sshd would be?
>>> In the context of a production server, the idea is to remove any
>>> ability from another host (EG: backup server) to run local arbitrary
code or
>>> change local files. (read-only)
>> <snip>
>>> You can disable the password on the backup account to achieve a similar
>>> effect using an SSHD option. If there's a better/simpler way to do this
>>> via SSHD option I'd love to hear about it!
>>>
>> Sure. You disable password authentication, and allow keys only, in
>> /etc/ssh/sshd_config.
>
> This prohibits SSH logins via password, but does not strictly enforce
> what commands are allowed to be run (and all options allowed) by a
> specific which is what I was looking for.
>
> Having done a bit more research, It does appear that you could use the
> "ForceCommand" option and disable passwords altogether for a user to
> achieve a similar effect with SSHD.

Right, but a) it very much limits who can get in. Another thing is that
you can run the backups from a cron job as a push, instead of a pull.

And the other user still leaves the issue of ownership - only root can
copy a user's home directory, or a project directory owned by that
project, and keep it all the same.

And don't forget to save selinux contexts....

      mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux