On Tue, Dec 16, 2008 at 02:23:01PM +0000, Brett Parker wrote:
On 16 Dec 12:58, Chris G wrote:
It's copying files from the 'remote' machine to 'this' machine, I have the backup running as a cron job on the system where the backups are stored. If that isn't 'copying files' then I don't know what is! :-)
The issue is that, as it is running with root privileges, it can copy *any* file it likes, including all the ssh public and private keys, so once you have them you have a pretty free hand to do what you want, don't you?
The remote machine, i.e. the not-backup-server, is purely serving files. Yes, they are being "copied" to the backup box, but I'd hope that the backup box is secured. Having the public/private key pair of the machine that you're backing up isn't going to help, unless you're silly and put the locally generated public key into the authorized_hosts file for that box. Being able to copy *from* is not the same as being able to copy *to*.
Dya get it yet?
The *important data* is on the remote machine!!!! That's why I'm backing it up!!!! Yes, I'm trying to make the backup machine a little *more* inaccessible than the other machine but it's really only a "little better".
When all's said and done I'm not trying to secure all this against serious attacks. It's not going to be CIA/MI5 proof, and it's probably not proof against a concerted (paid for?) attack by another business, but I've not got any data they want to know about (well, I don't think I have!). All I'm trying to do is to make my systems fairly safe against most likely attacks and also safe against local disasters like a fire.