<p>Create a backup user called <machine>bak for each machine and again on the backup machine so it has individual bak accounts. Use ssh keys and have each machine rsync to their own directory space. No more admin peeking on backups.</p>
<div class="gmail_quote">On Jan 12, 2012 11:08 PM, "Wolf Halton" <<a href="mailto:wolf.halton@gmail.com">wolf.halton@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br><br><div class="gmail_quote">On Tue, Dec 27, 2011 at 4:27 PM, Jim Kinney <span dir="ltr"><<a href="mailto:jim.kinney@gmail.com" target="_blank">jim.kinney@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I stand happily corrected!<br><br>old habits die hard. My first foray into rsync required -e ssh and I guess I just glossed over reading that it now the default. I've never used it on a network where ssh was NOT in use :-)<div>
<div><br>
<br><div class="gmail_quote">On Tue, Dec 27, 2011 at 10:42 AM, Brian Mathis <span dir="ltr"><<a href="mailto:brian.mathis%2Bale@betteradmin.com" target="_blank">brian.mathis+ale@betteradmin.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
As of rsync 2.6 (1 Jan 2004)<br>
<a href="http://rsync.samba.org/ftp/rsync/src/rsync-2.6.0-NEWS" target="_blank">http://rsync.samba.org/ftp/rsync/src/rsync-2.6.0-NEWS</a><br>
<br>
The man page since then has said (under SETUP):<br>
For remote transfers, a modern rsync uses ssh for its communications [1]<br>
and the -e section says:<br>
Typically, rsync is configured to use ssh by default<br>
<br>
-e can come in handy if you want to pass other options to ssh, such as<br>
changing the port or encryption cipher.<br>
<br>
<br>
[1] <a href="http://sunsite.ualberta.ca/Documentation/Misc/rsync-2.6.6/rsync.1.html#lbAF" target="_blank">http://sunsite.ualberta.ca/Documentation/Misc/rsync-2.6.6/rsync.1.html#lbAF</a><br>
<br>
❧ Brian Mathis<br>
<br>
<br>
On Tue, Dec 27, 2011 at 10:15 AM, Jim Kinney <<a href="mailto:jim.kinney@gmail.com" target="_blank">jim.kinney@gmail.com</a>> wrote:<br>
> Hmm. Someone needs to update the rsync man pages to reflect -e default is<br>
<div><div>> ssh<br>
><br>
> On Dec 27, 2011 10:12 AM, "Brian Mathis" <<a href="mailto:brian.mathis%2Bale@betteradmin.com" target="_blank">brian.mathis+ale@betteradmin.com</a>><br>
> wrote:<br>
>> There's no need for the -e stuff for a long time now. Rsync uses ssh<br>
>> by default on all modern versions. You get the same effect using the<br>
>> simpler form of:<br>
>><br>
>> rsync -P file.to.transfer username@remote.host:/path/store/file/<br>
>><br>
>> ❧ Brian Mathis<br>
>><br>
>> On Mon, Dec 26, 2011 at 11:44 PM, James Sumners <<a href="mailto:james.sumners@gmail.com" target="_blank">james.sumners@gmail.com</a>><br>
>> wrote:<br>
>> > XMPP is really not the right tool for this. Rsync is what you want:<br>
>> ><br>
>> > $ rsync -P -e "ssh -l username" file.to.transfer<br>
>> > remote.host:/path/store/file/<br>
>> ><br>
>> > Where "username" is the SSH user you will be using to transfer the file.<br>
>> ><br>
>> > On Monday, December 26, 2011, Wolf Halton <<a href="mailto:wolf.halton@gmail.com" target="_blank">wolf.halton@gmail.com</a>> wrote:<br>
>> >> What would be wrong with using xmpp as a transfer protocol for moving<br>
>> >> backups of tarred files? I have used scp for this purpose, but if the<br>
>> >> tunnel<br>
>> >> is broken, the file is corrupted. From what I have been reading, if a<br>
>> >> session drops in xmpp, it picks up where it was dropped and continues.<br>
>> >> I am<br>
>> >> working inside a c-class private subnet.<br>
>> >><br>
>> >> <a href="http://sourcefreedom.com" target="_blank">http://sourcefreedom.com</a><br>
<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br><br clear="all"><br></div></div><span><font color="#888888">-- <br>-- <br>James P. Kinney III<br><br>As long as the general population is passive, apathetic, diverted to
consumerism or hatred of the vulnerable, then the powerful can do as
they please, and those who survive will be left to contemplate the
outcome.<br>- <i><i><i><i>2011 Noam Chomsky<br><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a></i></i></i></i></font></span><br></blockquote></div><br>Thanks for this string. It has helped me speed up my custom back-up thing. I am using "rsync -av here there" and it is doing great. I am using moosefs to mount storage on each client and rsyncing from my collection point to the remote server storage. This is far easier to sort out though it is somewhat insecure, since each root user from each of the machines can look at all of the tar-kives. <br>
<br>Wolf<br><br>-- <br>This Apt Has Super Cow Powers - <a href="http://sourcefreedom.com" target="_blank">http://sourcefreedom.com</a><br>Advancing Libraries Together - <a href="http://LYRASIS.org" target="_blank">http://LYRASIS.org</a><br>
<br>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div>