i am trying to come up with a backup/restore plan. backupmachine will pull data from workmachine. thinking of using rsnapshot to do it.
what's the danger of configuring ssh on workmachine to allow root access without a passphrase and limiting the command using 'command=' in authorized_keys? if someone roots backupmachine, they are limited to workmachine by what i specified in 'command='
this is similar to what i am planning, but he prefers a backupuser on workmachine.
for my command in 'command=', i was going to use a script like the one below and list the commands i want allowed.
case "$SSH_ORIGINAL_COMMAND" in
file permissions would be set to only allow root access to the script.