Add a client to tykbackup: Difference between revisions

From TykWiki
Jump to navigationJump to search
No edit summary
No edit summary
Line 1: Line 1:
The following steps should be followed to add a new client to TykBackup:
== Add SSH key ==
Make sure the folder <code>/root/.ssh</code> exists, and run the command below to allow the backup server to log in as root using ssh:
Make sure the folder <code>/root/.ssh</code> exists, and run the command below to allow the backup server to log in as root using ssh:


<pre>echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys</pre>
<pre>echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys</pre>


== Configure sshd ==
Also change <code>PermitRootLogin no</code> to yes in <code>/etc/ssh/sshd_config</code>, the (sensible) default in FreeBSD is to not allow root logins over ssh.  
Also change <code>PermitRootLogin no</code> to yes in <code>/etc/ssh/sshd_config</code>, the (sensible) default in FreeBSD is to not allow root logins over ssh.  


'''Consider disallowing password logins and use key login only, and consider firewalling ssh.'''
'''Consider disallowing password logins and use key login only, and always firewall ssh.'''
 
== Configure firewall ==
Allow SSH logins from <code>backup.tyknet.dk</code> to allow the backup server to login.
 
== Install rsync ==
Dirvish uses rsync, so install the port <code>/usr/ports/net/rsync/</code> with the default options:
<pre>
sudo portmaster /usr/ports/net/rsync/
</pre>
 
==

Revision as of 13:35, 12 December 2010

The following steps should be followed to add a new client to TykBackup:

Add SSH key

Make sure the folder /root/.ssh exists, and run the command below to allow the backup server to log in as root using ssh: 

echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys

Configure sshd

Also change PermitRootLogin no to yes in /etc/ssh/sshd_config, the (sensible) default in FreeBSD is to not allow root logins over ssh.

Consider disallowing password logins and use key login only, and always firewall ssh.

Configure firewall

Allow SSH logins from backup.tyknet.dk to allow the backup server to login.

Install rsync

Dirvish uses rsync, so install the port /usr/ports/net/rsync/ with the default options: 

sudo portmaster /usr/ports/net/rsync/

==

Retrieved from "https://tyk.wiki/index.php?title=Add_a_client_to_tykbackup&oldid=354"