On Mon, Dec 15, 2008 at 12:51:38PM +0000, Brett Parker wrote:
That would strike me as the better practice, because now with key-only based authentication between two boxes, if 192.168.1.7 got compromised then it would have open root access to the other machine.
See above, you shouldn't need to do that if you limit the command set in the authorized_keys file.
I had originally implemented what I wanted by using 'from "xxx, yyy"' in the authorized_keys file, but the Match way is a lot simpler and, while maybe not quite so secure, is good enough.
Hmm, so I'm assuming that will allow any root command to run, then...
I'd suggest that's not a good idea overall ;)
As I said, it hardly matters, as the command that needs to work is a backup command, so anyone who can run the command can do just about anything they want - copy files, delete files, overwrite files, etc. They can also of course change the ssh_config file and/or the authorized_keys file, so it matters not what you put in there really once someone has root access on 192.168.1.7.
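Added example, not part of the thread: a forced-command wrapper of the kind the "limit the command set in the authorized_keys file" suggestion refers to, combined with the `from=` restriction mentioned above. The script path, the job names and the tar command lines are assumptions chosen for illustration; the key material is a placeholder.

```shell
#!/bin/sh
# Forced-command gate for a root backup key (added example; the path
# /usr/local/sbin/backup-gate and the job names are hypothetical).
#
# Matching line in /root/.ssh/authorized_keys on the machine being backed up
# (one line; key material is a placeholder):
#   from="192.168.1.7",command="/usr/local/sbin/backup-gate",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAA...PLACEHOLDER backup
#
# sshd runs this script for every session on that key, whatever the client
# asked for, and passes the client's request in SSH_ORIGINAL_COMMAND.

# Map a requested job name to a fixed command line. The client's string is
# only compared, never executed, so it cannot smuggle in extra arguments.
resolve_command() {
    case "$1" in
        backup-etc)  printf '%s\n' 'tar -C / -czf - etc' ;;
        backup-home) printf '%s\n' 'tar -C / -czf - home' ;;
        *)           return 1 ;;
    esac
}

# Only act when sshd started us with a request.
if [ -n "${SSH_ORIGINAL_COMMAND+set}" ]; then
    if fixed=$(resolve_command "$SSH_ORIGINAL_COMMAND"); then
        logger -t backup-gate "running job: $SSH_ORIGINAL_COMMAND"
        # Word splitting is intended: $fixed is one of the constants above.
        exec $fixed
    fi
    # Log the peer address (first field of SSH_CONNECTION), not the raw request.
    logger -t backup-gate "refused request from ${SSH_CONNECTION%% *}"
    echo "backup-gate: request refused" >&2
    exit 1
fi
```

With this in place the key can only trigger the listed jobs from the listed address; a login on the key with no command ends immediately because no job was requested.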