[Mageia-dev] SSH PAM configuration

Colin Guthrie mageia at colin.guthr.ie
Tue Aug 14 11:01:52 CEST 2012


'Twas brillig, and Anne Wilson at 13/08/12 18:06 did gyre and gimble:
> On 13/08/12 11:04, Olav Vitters wrote:
>> On Mon, Aug 13, 2012 at 09:39:07AM +0100, Anne Wilson wrote:
>>> Why would anyone need root login over ssh?  I don't allow it on
>>> my server and it has never caused me any problems.  Su to root
>>> works perfectly well and avoids the security risk, so I don't
>>> understand this thread.
> 
>> Remote backups. Quite easy to setup an SSH key which only runs
>> rsync.
> 
> I use rsync on the server for local backups, and I use SSH with keys
> to access the server from laptops for maintenance tasks, but I have
> never managed to make rsync over ssh with keys work.  People tell me
> to just use ssh without keys, but I'm reluctant to do that.  Maybe one
> day I'll find something that steps me through it, so that I can find
> the missing link.

In this case if you want a special key that can *only* run rsync you
need to configure your authorized_keys correctly with appropriate
command= definition.

But even without specific setup if you can ssh between hosts happily,
just do "rsync -e ssh"  on the client side and just use
foo at remote:/path/to/files syntax. Job done :)

Col

-- 

Colin Guthrie
colin(at)mageia.org
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/


More information about the Mageia-dev mailing list