[TriLUG] Automated file copy security question
Craig Duncan
craigduncan at nc.rr.com
Fri Oct 7 12:52:11 EDT 2005
Ron Joffe wrote:
>Hey folks, got a question for anyone with some insight:
>
>I've got a number of customers spread out across the US. I want to copy a set
>of data (a file for this discussion) from each customer to my own server on a
>regular scheduled time.
>
>My main concern is security.
>
>I can easily set up an rsync job utilizing ssh that will take care of this
>issue. However my concern is this:
>
>If I do a "push" from client to my site, and the client server gets
>compromised, then my server may also be compromised. I know I can limit this
>by limiting the shell capabilities of the user on my server.
>
>If I do a "pull" from my site to my client, and my server gets compromised,
>then my client's server may also be compromised.
>
>Any suggestions, ideas, or methodologies?
>
>
One cup of soap/xmlrpc
One spoonful of ssl
A sprinkle of encrypted tokens
Mix according to taste, repeat as necessary
C
More information about the TriLUG
mailing list