sshbackuprsyncauthorized-keysrsnapshot

Hardening authorized_keys used in rsync backup


What I'm trying to accomplish:

 

On ServerB - /etc/rsnapshot.conf is setup to run rsync with the following args:

 

I have tried the following on ServerA:

But rsnapshot keeps crashing and giving IO error codes for rsync.

What am I missing here?


Solution

  • !! Problem Solved !!

    Found out about rrsync --- /usr/share/doc/rsync/scripts/rrsync, copy it to wherever.

    Since I'm keeping a copy of the backups on ServerA, I might as well rsync from them instead of using rsnapshot on ServerB. (This was my initial idea, but it doesn't work since there are duplicate files because of links that rsnapshot creates, I ended up having rsnapshot running both on ServerA and ServerB, to save backups from ServerA to a localDir on ServerA and also make remote snapshots from ServerA to ServerB.)

    Defaults!/usr/local/bin/rrsync env_keep += "SSH_ORIGINAL_COMMAND"
    backup ALL = (root) NOPASSWD: /usr/local/bin/rrsync
    

    Now works as expected.

    Note that the path on ServerA in the command above is relative to the rule set in authorized_keys.