How to manage root<-->root rsync keeping permissions?
andy at strugglers.net
Wed Aug 4 07:46:54 UTC 2021
On Tue, Aug 03, 2021 at 03:05:27PM +0100, Chris Green via rsync wrote:
> Remember, as I said, this is all Debianland with no real root login,
> while I could add one I'd prefer not to.
Your system already has a root user and if you added an SSH public
key to its authorized_keys file (and allowed root login by public
key only in sshd_config) then SSH login would work. The only form of
login you would have added is "by this specific ssh key". The
account could still remain password locked as it is now.
It is difficult for me to see why such a setup would be inherently
more secure than one where a regular user account can do absolutely
anything (i.e. run rsync as root without password prompt),
especially given that a regular user account is likely to run a lot
of other software some of which may have bugs.
But we all choose our security stance.
> I've set it up so chris can run rsync with root permissions.
> However I'm not quite sure how to get it to work as one needs to say
> "sudo rsync" to get the root privilege. How do you do that?
The first link I sent you had an example of that: --rsync-path="sudo
More information about the rsync