Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Why go to all this trouble when you can use a one-liner' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Why go to all this trouble when you can use a one-liner
Authored by: sckz on May 24, '06 06:07:09PM

Indeed. Rsync works fine. But now a security issue.
I'd like some clients to be able to use rsync to backup their files of a project to my server using rsync. They have a user account on my server. But to let them use rsync, I have to give them shell access. And that scares me. They can go everywhere using SSH and also see other client's files.

Is there any way to let a client use rsync but not let him have SSH access? I already limited the access by using a wrapper that only accepts the rsync command, but rsync has the feature of showing file lists - and those show again all file names in the server.

What do you mean with tunneling?

All help greatly appreciated!

Jonathan Richter

My Server: Mac mini with OS X server 10.4



[ Reply to This | # ]
Why go to all this trouble when you can use a one-liner
Authored by: kd4ttc on Oct 05, '06 05:30:40PM

At this point you need to give your users public key authentication so they can log in without user passwords. You should want then to use SSH. They possibly might have something in their files that would compromise your system, such as notes they took on logging in to your computer. The way to protect your system is by setting permissions correctly for each user that is logging onto your system. Without limiting permissions you have a very vulnerable system.

---
Steve Holland



[ Reply to This | # ]