mixed system backups
kim.holburn at anu.edu.au
Thu Jan 3 14:14:11 EST 2002
At 1:52 PM +1100 02/1/3, Damien Elmes wrote:
>Burn Alting <burn at goldweb.com.au> writes:
>> Hi Guys,
>> A quick question ...
>> I've got a mixed system of Suns and Linux boxen. My tape drive is on one of
>> the Sun's and I intend to put a simple script to backup all my filesystems.
>> I intend to use rsh to execute dump/rdump commands remotely - so I can access
>> the filesystems on the relevant local box. Yes, rsh ... not that secure, but
>> the firewall is nice and tight.
>> My problem is that rsh rejects access to root all the time.
>> I have a Redhat 7.2 system.
>> I've enabled rsh in xinetd and added the -h flag. I have set up a
>> /root/.rhosts (chmod'd to 400) and have lists the fully qualified local hosts
>> and the root user, but I still get Permission denied either executing rsh
>> locally or from one of my boxes.
>> I can rsh from a normal user though.
Your tape drive is on the sun? Then rsh is just a client on the linux box. You running Solaris on the suns? or linux? If you're running Solaris you don't need to touch inetd on the linux boxes. Solaris <=2.7 comes with rsh configured in a useable but insecure way. You only need root access on the box that is being backed up. On the Sun with the tape drive it is better to have a special user to do the backups. In that user's home put a .rhosts file with the following text:
(Change the names to the correct ones or ip numbers)
gnutar is better than dump. dump/rdump/ufsdump has real problems, read what Linus says about it!!! Technically you must unmount a volume before using dump.
> > Any pointers - even alternatives to rsh from the more security wise.
>ssh with RSA or DSA keys.
Forget it unless you want to have your machines spend 90% of their time encrypting and decrypting.
Kim Holburn Network Consultant P/F: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au - PGP Public Key on request
Life is complex - It has real and imaginary parts.
Andrea Leistra (rec.arts.sf.written.Robert-jordan)
More information about the linux