Re: How do I set-up secure automated file push and pull?

From: Kurt Seifried (bugtraq@seifried.org)
Date: 04/23/02


From: "Kurt Seifried" <bugtraq@seifried.org>
To: "Anupam" <frj780jdy85533001@sneakemail.com>, <focus-sun@securityfocus.com>
Date: Tue, 23 Apr 2002 15:26:02 -0600

Several other methods come to mind:

scp, using public crypto keys. Then your script simply:

scp user@remotehost:/some/file /local/dest

or

NFS over IPSec (IPSec is well supported in Solaris), you can provide read
only mounts, push or pull files, control access reasonably well, etc.

or

or FTP over IPSec, things like proftpd make it really easy to give users
download or upload access only, you can restrict based on IP, if you have
static IP's and are using IPSec then you can simply use anon ftp, no need to
fiddle with credential storage/etc. Nice to mirror as well, wget/mirror make
it pretty easy.

or

rsync over ssh, mostly pull method, but handy for synching large dirs/etc.

There is not "best" way. Sometimes I use rsync over ssh. Sometimes I use
scp. Sometimes I use NFS. Sometimes I use FTP.

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.iDefense.com/