linux-admin.vger.kernel.org archive mirror
From: Stephen Samuel <samuel@bcgreen.com>
To: "Robert L. Harris" <Robert.L.Harris@rdlg.net>
Cc: Miguel González Castaños <mgc@tid.es>, linux-admin@vger.kernel.org
Subject: Re: rsync and ssh
Date: Mon, 23 Jun 2003 14:10:52 -0700
Message-ID: <3EF76CDC.1060907@bcgreen.com>
In-Reply-To: <20030623165549.GB25076@rdlg.net>

The machine at the destination end should not need to be
uid 0 (root equiv) unless the source files belong to more than one
user and those uids need to be preserved on the recipient system.

It's actually still possible to do it without root privs on the
destination system by setting up a cron job for each user on the
source system, and a trust to the equivalent users on the destination
system. (presumes a limited number of users or an automated system
for setting up the rsyncs).

To make life a bit safer, you can also limit the SSH connection
on the recipient system such that only rsync is usable by the
RSA/DSA keys used to do the rsync.

Robert L. Harris wrote:
 >
 > Use "rsync -e ssh" and set up a trust.  Make sure that the system
 > initiating the connection is very secure otherwise you've opened up a
 > hole with the user's ID on the remote system.
 >
 > Ideal situation?
 >
 > Machine A sends a file to Machine B
 > Create a new id "rsync-foo" on both machines with 0 privs.  Make the
 >   home dirs /var/tmp/ and a shell of /dev/null (SHOULD work with rsync).
 > Establish trust from A to B using the rsync-foo user ID.
 >
 > rsync -e ssh -avHD --stats /source/files /target/files
 >
 > Then a cron job on MachineB which validates the data and then
 > copies/rsyncs it to its final destination.
 >
 > Robert
-- 
Stephen Samuel +1(604)876-0426                samuel@bcgreen.com
		   http://www.bcgreen.com/~samuel/
    Powerful committed communication. Transformation touching
        the jewel within each person and bring it to life.
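
One way to limit the key so that only rsync is usable, as suggested in the message above. This is an added example, not part of the original e-mail: the wrapper path /usr/local/bin/rsync-only, the function name rsync_cmd_allowed and the key material are hypothetical, and it assumes Machine A only pushes files into /target/files.

```shell
#!/bin/sh
# Added example, not from the thread. Forced-command wrapper for the rsync key.
# Recipient's ~/.ssh/authorized_keys entry (one line; key and path constructed):
#   command="/usr/local/bin/rsync-only",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa AAAA...constructed... rsync-foo@MachineA
# sshd ignores what the client asked to run, starts this script instead, and
# passes the client's request in SSH_ORIGINAL_COMMAND.

ALLOWED_DEST=/target/files    # destination from the thread's rsync command

# Return 0 only for "rsync --server ... <path under ALLOWED_DEST>" in
# receive mode; anything else (shell, scp, reading files back) returns 1.
rsync_cmd_allowed() {
    cmd=$1
    case $cmd in
        *[!A-Za-z0-9\ ./_=,-]*) return 1 ;;   # shell metacharacters, quotes, newlines
        *..*) return 1 ;;                     # no climbing out of ALLOWED_DEST
    esac
    set -f; set -- $cmd; set +f               # split on whitespace, no globbing
    [ "${1:-}" = rsync ] && [ "${2:-}" = --server ] || return 1
    dest=
    for arg in "$@"; do
        case $arg in
            --sender|--sender=*) return 1 ;;  # sender mode would let the key read files
        esac
        dest=$arg
    done
    case $dest in
        "$ALLOWED_DEST"|"$ALLOWED_DEST"/*) return 0 ;;
    esac
    return 1
}

# Act only when installed under the name used in authorized_keys above.
case ${0##*/} in
    rsync-only)
        if rsync_cmd_allowed "${SSH_ORIGINAL_COMMAND:-}"; then
            set -f
            exec $SSH_ORIGINAL_COMMAND        # vetted; exec'd directly, no shell parsing
        fi
        echo "rsync-only: command rejected" >&2
        exit 1 ;;
esac
```

The rsync distribution ships a more complete restricted wrapper, rrsync, in its support directory; the script above only checks the mode and the destination path.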



Thread overview: 3+ messages
2003-06-23 16:46 rsync and ssh Miguel González Castaños
2003-06-23 16:55 ` Robert L. Harris
2003-06-23 21:10   ` Stephen Samuel [this message]
