Quote:
Originally Posted by thekraken99
Which method is more a more secure viable option when it comes to transfering the files using the rsync daemon or over a encrypted ssh connection? and to access the files I want to backup from one account I'd have to use root. Which I don't want to do as I have root ssh login disabled, and using root when you don't have to is bad practice. There has to be an easy way to make a user that has access to read all files on the server? Assuming rsync only needs read to copy the files.
|
You're right for not wanting to expose the root user over SSH, that's definitely not a SSH best practice. So that only leaves you with storing files as unprivileged user. To combat mishaps (even if your distro doesn't use a capable package management system that allows you to restore permissions and ownership) DAC data is easily retrieved:
Code:
find /some/dir -printf "%U|%G|%m|%l|%s|%y|\"%p\"\n">/other/path/dir.attr
and easily restored:
Code:
awk -F'|' '{print "chown "$4":"$5, $NF,"; chmod "$6,$NF}' /other/path/dir.attr
Quote:
Originally Posted by thekraken99
What are some typical rsync setups, how do you have the user setup?
|
Scripted rsync over SSH with unprivileged user.
Quote:
Originally Posted by thekraken99
what files do you backup?
|
Rsync is effective for files that change. With directories containing humonguous amounts of files you may run into time constraints due to checking. Certain things shouldn't be done with rsync like databases: those should be dumped, encrypted and then transferred. You won't gain much from using rsync there.
*Rsync allows you to use a "--log-file", which comes in handy when you want to check syncing details, and both "--dry-run" and "--backup" which comes in handy when testing your backup procedure.