Using rsync to backup remote server as root

Andrew Gideon c182driver1 at gideon.org
Sun Aug 30 18:24:20 MDT 2009


On Thu, 27 Aug 2009 16:30:55 +1200, Nathan Ward wrote:

> --rsync-path="sudo rsync"

Another way to achieve something similar would be to have PermitRoot set 
to without-password, and then set up a key pair for remote login.  In 
authorized_keys2, the remote access for this key pair can be limited to 
the rsync command.

When considering these, be sure to look at your security goals and how 
they're impacted.  In the sudo case, you're giving a user account the 
ability to run rsync as root.  That is, effectively, read-write access to 
everything.

In the without-password case, you're giving similar access to anyone that 
has access to the private key (though you can limit this to a given IP 
address in authorized_keys2).  

It goes further than this (ie. the sudo case is also giving that read-
write access to the remote user running the backup command).  I'd want to 
give this some careful thought before choosing.

There's also the possibility of combining the two ideas.  The remote user 
logs into a local non-root user.  This is done using a key pair, and the 
local user has no password (so no password attacks on the local user 
account).  The key pair, via authorized_keys2, has access only to the 
"sudo rsync" command.

	- Andrew


More information about the rsync mailing list