 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Yes, the line I put in authorized_keys includes "from=backup-server.example.com" and "command=/usr/bin/rsync", or settings to that effect. On Wed, Jul 16, 2008 at 3:09 PM, Dan Ritter <[hidden email]> wrote: > On Wed, Jul 16, 2008 at 03:02:02PM -0400, John Abreau wrote: >> On Wed, Jul 16, 2008 at 2:06 PM, Bill Bogstad <[hidden email]> wrote: >> >> > It's trivially easy to turn root login back on. Just give root a >> > password (and enable root login in your sshd config file) and >> > you should be golden. I generally use sudo if I'm already on the >> > machine in question, but if I'm accessing a *buntu machine remotely >> > I tend to ssh directly to root. >> >> My preference is to set AllowUsers in sshd_config so only the specified >> users can login via ssh. I restrict root logins to specific origins, e.g. >> >> AllowUsers [...] [hidden email] >> >> to allow root logins from the rsync backup server. I also disallow >> password authentication and instead drop an ssh public key into >> /root/.ssh/authorized_keys > > Remember that you can (and should!) further limit what can be > done with that public key with restrictions in authorized_keys: > > man sshd, section AUTHORIZED_KEYS FILE FORMAT. > > -dsr- > > > -- > http://tao.merseine.nu/~dsr/eula.html is hereby incorporated by reference. > > When freedom gets lots of exercise, it protects itself. >
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
