On 16 Dec 12:58, Chris G wrote:
It's copying files from the 'remote' machine to 'this' machine; I have the backup running as a cron job on the system where the backups are stored. If that isn't 'copying files' then I don't know what is! :-)
The issue is that as it is running with root privileges it can copy *any* file it likes, including all the ssh public and private keys, so once you have them you have a pretty free hand to do what you want, don't you?
The remote machine, i.e. the not-backup-server, is purely serving files. Yes, they are being "copied" to the backup box, but I'd hope that the backup box is secured. Having the public/private key pair of the machine that you're backing up isn't going to help, unless you're silly and put the locally generated public key into the authorized_hosts file for that box. Being able to copy *from* is not the same as being able to copy *to*.
Dya get it yet?
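
The condition the reply describes, a machine's own public key being accepted for logins on that same machine, can be checked directly. This is an added example, not part of the original thread; it assumes OpenSSH's `authorized_keys` line format, and the file names, key blobs and forced command in `demo()` are constructed.

```python
import tempfile
from pathlib import Path

KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")

def key_blob(line):
    """Return (key type, base64 blob) from a .pub or authorized_keys line."""
    fields = line.strip().split()
    if not fields or fields[0].startswith("#"):
        return None
    # authorized_keys lines may carry options before the key type, so scan
    # for a type token followed by a blob; SSH key blobs start with "AAAA".
    for i in range(len(fields) - 1):
        if fields[i].startswith(KEY_PREFIXES) and fields[i + 1].startswith("AAAA"):
            return fields[i], fields[i + 1]
    return None

def locally_authorized(key_dir, authorized_keys):
    """Names of *.pub files in key_dir whose key is accepted by authorized_keys."""
    accepted = set()
    for line in Path(authorized_keys).read_text().splitlines():
        parsed = key_blob(line)
        if parsed:
            accepted.add(parsed)
    hits = []
    for pub in sorted(Path(key_dir).glob("*.pub")):
        keys = {key_blob(l) for l in pub.read_text().splitlines()} - {None}
        if keys & accepted:
            hits.append(pub.name)
    return hits

def demo():
    """Constructed sample: two local public keys, one of them self-authorized."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        # Constructed blobs, not real keys.
        (root / "id_ed25519.pub").write_text("ssh-ed25519 AAAAC3constructedLOCAL root@fileserver\n")
        (root / "ssh_host_rsa_key.pub").write_text("ssh-rsa AAAAB3constructedHOST\n")
        auth = root / "authorized_keys"
        auth.write_text(
            "# key the backup box uses to pull files (hypothetical forced command)\n"
            'command="/usr/local/bin/pull-only --read-only",no-pty '
            "ssh-ed25519 AAAAC3constructedBACKUP backup@store\n"
            "ssh-ed25519 AAAAC3constructedLOCAL root@fileserver\n"
        )
        return locally_authorized(root, auth)

if __name__ == "__main__":
    print(demo())
```

An empty result means none of the key pairs stored on the machine can be used to log back in to it.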