| 1 |
>> >> I'm setting up an automated rdiff-backup system and I'm stuck between |
| 2 |
>> >> pushing the backups to the backup server, and pulling the backups to |
| 3 |
>> >> the backup server. If I push, I have to allow read/write access of my |
| 4 |
>> >> backups via SSH keys. If I pull, I have to enable root logins on each |
| 5 |
>> >> system to be backed-up, allow root read access of each system via SSH |
| 6 |
>> >> keys, and I have to deal with openvpn or ssh -R so my laptop can back |
| 7 |
>> >> up from behind foreign routers. The conventional wisdom online seems |
| 8 |
>> >> to indicate pulling is better, but pushing seems like it might be |
| 9 |
>> >> better to me. Do you push or pull? |
| 10 |
>> > |
| 11 |
>> > I would push, to be honest. |
| 12 |
>> |
| 13 |
>> What can be done about the fact that any attacker who can break into a |
| 14 |
>> system and wipe it out can also wipe out its backups? That negates |
| 15 |
>> one of the reasons for making the backups in the first place. |
| 16 |
> |
| 17 |
> True, except if, after a backup is finished, you move the actual backup to a |
| 18 |
> different location. (Or you backup the backup server) |
| 19 |
|
| 20 |
I do back up the backup server to another system via rsync, but if the |
| 21 |
backups on the backup server are wiped out, rsync will wipe them out |
| 22 |
on the other system too. |
| 23 |
|
| 24 |
> I store all important files on my server and the backups there can not be |
| 25 |
> accessed from the fileserver itself. (That backup is done in "pull" mode every |
| 26 |
> night.) |
| 27 |
|
| 28 |
I thought you were in favor of "pushing"? How do you back up to a |
| 29 |
system that can't access the backups? |
| 30 |
|
| 31 |
>> Should private SSH keys be excluded from the backup? Should anything |
| 32 |
>> else be excluded? |
| 33 |
> |
| 34 |
> When a host is compromised, the corresponding entries in the "authorized_keys" |
| 35 |
> should be removed from all other servers/hosts. This will make those private |
| 36 |
> keys useless. |
| 37 |
|
| 38 |
So it's OK to back up a private key to another system? I just want to |
| 39 |
make sure I'm not breaking a "good admin" rule by doing this. |
| 40 |
|
| 41 |
- Grant |
Archives