Re: rsync backup
- From: CptDondo <yan@xxxxxxxxxxxxxxxx>
- Date: Mon, 09 Jul 2007 16:29:48 -0700
Tim Southerwood wrote:
Mark Shroyer coughed up some electrons that declared:
This still leaves him tunneling TCP over TCP, though, which he says
is something he'd like to avoid. Having Rsync use SSH as a sort of
transport layer instead of tunneled TCP (using the --rsh parameter)
is a better approach from the networking point of view.
Hi Mark,
Although it's giving me brain cancer to think about it, I'm not convinced
that rsync over an ssh tunnel is in the same category as TCP over a PPP VPN
over SSH.
On balance though, my solution is, I believe, one of the best from the
security POV (it avoids all of the ssh-as-root nastiness), which would lead
me, if it were my problem, to live with the networking issues and try to
tune them down by adjusting the TCP stack at my end, or if necessary, both
ends, or get the customer to fix their broken (IMHO) router.
Amen. I *think* I solved the problem by changing to a UDP based VPN from their end. (They can connect out using UDP, but the router won't forward incoming UDP connections - yes, it's broken - but it came free from their ISP.)
At least preliminary testing shows its working. :-)
--Yan
.
- Follow-Ups:
- Re: rsync backup
- From: Unruh
- Re: rsync backup
- From: Tim Southerwood
- Re: rsync backup
- References:
- rsync backup
- From: CptDondo
- Re: rsync backup
- From: Tim Southerwood
- Re: rsync backup
- From: Mark Shroyer
- Re: rsync backup
- From: Tim Southerwood
- rsync backup
- Prev by Date: Re: rsync backup
- Next by Date: Re: generate a password string to be used by the useradd command
- Previous by thread: Re: rsync backup
- Next by thread: Re: rsync backup
- Index(es):
Relevant Pages
|
