Re: PGP scripting...

From: Darryl Luff (darryl@snakegully.nu)
Date: 01/09/03

Next message: Tom Arseneault: "RE: PGP scripting..."

Previous message: Sinan Eren: "RE: Suggestions for third-party code review consultants?"
In reply to: lsi: "Re: PGP scripting..."
Next in thread: Peter Jeremy: "Re: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 09 Jan 2003 11:51:18 +1100
From: Darryl Luff <darryl@snakegully.nu>
To: stuart@cyberdelix.net

lsi wrote:

>I have spent many hours attempting to figure out how to get my webserver logfile downloaded (or, website
>updates uploaded) via FTP automatically, without having to leave my password floating around on my
>machine somewhere.
>
You can do that with SSH. Have the web server periodically pack up the
web logs into a directory accessible only by a special user, then set
that user account up to authenticate with a key rather than a password.

Then from the downloading machine set up a cron job to 'scp' the files
back regularly, and delete them from the server if necessary.

Make sure that the 'special' user doesn't have access to anthting on the
server except the packed log files.

You could even have the server encrypt the files with a public key, and
keep the private key for decrypting them on the other machine. Then even
if someone gets into the server they can't access the already decrypted
log files.

You can do the same for the web site uploads. Give a single user account
write access to the web directory (and nothing else). Have it
authenticate with a key, and 'scp' the files across.

If you want these things to happen automatically you can't put a
passphrase on the private keys, because if you do someone needs to be
there to type the passphrase in. But the private keys are stored on a
different machine, not on the server.

Next message: Tom Arseneault: "RE: PGP scripting..."
Previous message: Sinan Eren: "RE: Suggestions for third-party code review consultants?"
In reply to: lsi: "Re: PGP scripting..."
Next in thread: Peter Jeremy: "Re: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Testing email
... Internet Connection wizard -> Connect to the internet) to configure mail ... Click Start, click Server Management. ... pop3 server information, user account, mailbox type and so on. ... the issue and send the log files to me: ...
(microsoft.public.exchange.admin)
Re: Testing email
... Internet Connection wizard -> Connect to the internet) to configure mail ... Click Start, click Server Management. ... pop3 server information, user account, mailbox type and so on. ... the issue and send the log files to me: ...
(microsoft.public.exchange.admin)
Re: Login Failures
... What is the user account "msmith"? ... please check the SBS Server and the client computer from ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ...
(microsoft.public.windows.server.sbs)
Re: Access Shared Printer??
... shares) on other domain member computers (centralized user account ... defined as a local printer that is shared is called the server. ... at the client computer with the username and password that is common to ... This command will use the ServerUserName to do an "authentication" on the ...
(microsoft.public.win2000.printing)
Re: Integrated Windows Authentication authenticating the wrong user
... How exactly are you seeing the wrong user account? ... Windows as the troubled user to create a fresh new Windows profile and see ... If this hasn't been done already, I would check the web server logs, run a ... > The application in question is Serena's TeamTrack. ...
(microsoft.public.inetserver.iis.security)