Hello, I've looked around and found a few different approaches to
this. Looking for a discussion of the pros, cons, and best practices.
I want to use rsync over an ssh connection to clone one machine to
another. This means one end will need root login.
Right now I have passwordless keys to allow myself to login. Root
login is disabled.
Would an acceptable method be to allow root login from a specific IP
address? Or is there some other way to allow root privilege use
between a source and destination host without opening it up by IP?
This is for backups, and only ever will be machine to machine, same
subnet. I'm not immediately seeing how to set granular permissions
based on conditions like IP, MAC, or other harder to spoof credentials.
I'd it better to pull backups or push backups, or equivalent?
The backup machine could be made to have no public access at all.
Thanks for any pointers.
--
Scott
Iphone says hello.