mixed system backups

Kim Holburn kim.holburn at anu.edu.au
Thu Jan 3 14:14:11 EST 2002 

At 1:52 PM +1100 02/1/3, Damien Elmes wrote:
>Burn Alting <burn at goldweb.com.au> writes:
>
>> Hi Guys,
>>
>> A quick question ...
>>
>> I've got a mixed system of Suns and Linux boxen. My tape drive is on one of
>> the Sun's and I intend to put a simple script to backup all my filesystems.
>> I intend to use rsh to execute dump/rdump commands remotely - so I can access
>> the filesystems on the relevant local box. Yes, rsh ... not that secure, but
>> the firewall is nice and tight.
>>
>> My problem is that rsh rejects access to root all the time.
>>
>> I have a Redhat 7.2 system.
>>
>> I've enabled rsh in xinetd and added the -h flag. I have set up a
>> /root/.rhosts (chmod'd to 400) and have lists the fully qualified local hosts
>> and the root user, but I still get Permission denied either executing rsh
>> locally or from one of my boxes.
>>
>> I can rsh from a normal user though.

Your tape drive is on the sun? Then rsh is just a client on the linux box.  You running Solaris on the suns? or linux?  If you're running Solaris you don't need to touch inetd on the linux boxes.  Solaris <=2.7 comes with rsh configured in a useable but insecure way.  You only need root access on the box that is being backed up.  On the Sun with the tape drive it is better to have a special user to do the backups.  In that user's home put a .rhosts file with the following text:
linuxbox1.localdomain root
linuxbox2.localdomain root
linuxbox3.localdomain root
sunbox1.localdomain root

(Change the names to the correct ones or ip numbers)

gnutar is better than dump.  dump/rdump/ufsdump has real problems, read what Linus says about it!!!  Technically you must unmount a volume before using dump.

> > Any pointers - even alternatives to rsh from the more security wise.
>
>ssh with RSA or DSA keys.

Forget it unless you want to have your machines spend 90% of their time encrypting and decrypting.

Kim
-- 
--
Kim Holburn  Network Consultant  P/F: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au - PGP Public Key on request

Life is complex - It has real and imaginary parts.
     Andrea Leistra (rec.arts.sf.written.Robert-jordan)

More information about the linux mailing list