RE: password file syncing

From: Caron, Jim (Jim.Caron_at_bestwestern.com)
Date: 01/27/04

  • Next message: Lars Bohnsack: "ssh statistics ? connection slows down !"
    Date: Tue, 27 Jan 2004 08:27:52 -0700
    To: <jim.horwath@rcn.com>, <secureshell@securityfocus.com>
    
    

    Hi Jim,

       I have two secure FTP servers (poor man's HA) that I run in our
    customer DMZ. I use rsync to keep the customer data files current, and
    I also send the password and shadow files. 99% of the time it works.
    1% of the time the password file gets garbled for some reason. You need
    to run an additional job to backup the password and shadow files on the
    HA target and also keep a window open somewhere. I know that's not a
    completely secure approach, but if your password file dies in transit,
    you're going to be hard crashing your system or not getting in at all...
    Our FTP servers are physically secure so I can leave the console
    connected as root.

       Just something to think about...

    -----Original Message-----
    From: jim.horwath@rcn.com [mailto:jim.horwath@rcn.com]
    Sent: Monday, January 26, 2004 1:15 PM
    To: secureshell@securityfocus.com
    Subject: password file syncing

    I have two servers I need to keep the passwd and group files
    in sync. I don't have access to an HA environment, as a
    poor man's solution I was thinking of using rsync or rdist
    over ssh to keep the password files in sync between two
    servers. Anybody have any experience either positive or
    negative doing something like this? Thanks in advance.

    Regards,
    Jim


  • Next message: Lars Bohnsack: "ssh statistics ? connection slows down !"

    Relevant Pages

    • Fwd: RE: password file syncing
      ... > I have two secure FTP servers that I run ... >completely secure approach, but if your password file dies ... >over ssh to keep the password files in sync between two ...
      (SSH)
    • Re: Running Web Servers In A Chroot Jail
      ... It depends on which webserver you are running, and how secure your cgi scripts ... You probably need to do a code audit to determine this at this time. ... security breaches. ... I run http and ftp servers here, both are secure and neither offer any ...
      (comp.os.linux.setup)