On 01.07.2013 16:08, Grant wrote:
>>>> There is no sacrifice, you are running rsync as root on the client
>>>> either way. Alternatively, you could run rsyncd on the client, which
>>>> avoids the need for the server to be able to run an SSH session.
>>>
>>> I think the sacrifice is that with the backuppc method, if someone
>>> breaks into the backup server they will have read(/write) access to
>>> the clients. The method I'm describing requires more management if
>>> you have a lot of machines, but it doesn't have the aforementioned
>>> vulnerability.
>>>
>>> The rsyncd option is interesting. If you don't want to restore
>>> directly onto the client, there are no SSH keys involved at all?
>>
>> Not even then, the server talks to the client in the same way for
>> restores as it does for backups, so it would still use rsyncd if you
>> wanted it to.
>
> Hmmm, now that I think about it, I guess the server accessing the
> client via rsyncd still provides the server with root read/write
> access to the client just like SSH keys.
>
>> I don't think it too unreasonable to assume that a machine with no ports
>> exposed to the Internet will not be compromised from the Internet.
>> Whereas a push approach requires that the server have open ports.
>
> Agreed, but this requires that the backup server is local to the admin
> which may not be possible. openvpn requires open ports of course.
> There's also the possibility of a local break-in....
>

That's how we do it. The backuppc server is in our local LAN, and only
accessible from the local LAN. It pulls backups from all our machines in
offsite data centers. To compromise our backuppc machine one would have
to physically break into our company's building.
But if somebody has physical access to the machine on which you store
your backups, you're screwed, no matter if you use push or pull backup :)