On Sun 23 Aug 2015 at 17:00:46 +0000, Eric Haszlakiewicz wrote: > Since you haven't changed the sshd config in /etc/ssh, then the > default is to refuse root logins. You'll need to edit that, then > restart sshd. > Or, a slightly better option would be to create and push your backups > to a non-root user, so a compromise one one box doesn't automatically > result in root on the other. One way to do it is as follows. You can allow root logins only by private key, not by password. Of course, you don't have your private key stored on the backup client. To get access to use it, you log in with ssh to the server and add it to ssh-agent. After the agent has the key, you can use it from the client (if you use sudo -E backupcommand, so that it has access to the environmnent variable that points to the ssh-agent). -Olaf. -- ___ Olaf 'Rhialto' Seibert -- The Doctor: No, 'eureka' is Greek for \X/ rhialto/at/xs4all.nl -- 'this bath is too hot.'
Attachment:
pgp2fq9LNZly1.pgp
Description: PGP signature