Bill Moran wrote:
Personally, I'd set auth to password, then keep the password in a file in root's home directory and set it readable by root only. If an attacker can read that file, he already doesn't need to. This does mean that you'll have to carefully secure the script you use to make backups, since it'll need to have the password in it. But you'll need to carefully secure your backups anyway or all the other security is rather pointless.
I'd run it as a non-root backup-specific user. That way if someone compromises the backup process they're limited in the amount of damage they can do (since the user will only have write access to a few directories). Also makes auditing easier if you're that way inclined.
--
Richard Huxton
Archonet Ltd
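
An added example, not part of either post: a pre-flight check a backup script could run before connecting, combining the two suggestions above (a password file readable only by its owner, and a dedicated non-root user). The function names, the `.pgpass` path, the database name and the output path are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks for a backup job that reads the database
# password from a file. Function names and paths are assumptions.

# Return 0 only if $1 is a regular file (not a symlink), owned by uid $2,
# with no permission bits for group or other and no extra ACL entries.
passfile_is_private() {
    file=$1 want_uid=$2
    [ -f "$file" ] && [ ! -L "$file" ] || return 1
    # ls -ln prints the mode string and numeric owner: "-rw------- 1 1001 ..."
    read -r mode _links owner _rest <<EOF
$(ls -ln "$file" 2>/dev/null)
EOF
    [ "$owner" = "$want_uid" ] || return 1
    case $mode in
        # Owner bits may be anything; group/other must all be '-'.
        # A trailing '.' (SELinux context) is fine, a trailing '+' (ACL) is not.
        -???------|-???------.) return 0 ;;
        *) return 1 ;;
    esac
}

# Refuse to run as root and require a private password file.
# Returns 0 if the job may proceed, 2 if running as root, 3 if the file is unsafe.
backup_preflight() {
    passfile=$1
    uid=$(id -u)
    if [ "$uid" -eq 0 ]; then
        echo "refusing to run as root; use the dedicated backup user" >&2
        return 2
    fi
    if ! passfile_is_private "$passfile" "$uid"; then
        echo "$passfile must be a regular file owned by uid $uid, mode 0600 or stricter" >&2
        return 3
    fi
}

# Example wiring (assumed database name and output path), left commented out:
# backup_preflight "$HOME/.pgpass" &&
#     PGPASSFILE="$HOME/.pgpass" pg_dump -w mydb > /var/backups/pg/mydb.sql
```

With the password in a file named by `PGPASSFILE`, the backup script itself no longer needs to contain it, and `pg_dump -w` fails rather than prompting if the file is missing or ignored.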