Add a client to tykbackup: Difference between revisions
From TykWiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
The following steps should be followed to add a new client to TykBackup: | |||
== Add SSH key == | |||
Make sure the folder <code>/root/.ssh</code> exists, and run the command below to allow the backup server to log in as root using ssh: | Make sure the folder <code>/root/.ssh</code> exists, and run the command below to allow the backup server to log in as root using ssh: | ||
<pre>echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys</pre> | <pre>echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys</pre> | ||
== Configure sshd == | |||
Also change <code>PermitRootLogin no</code> to yes in <code>/etc/ssh/sshd_config</code>, the (sensible) default in FreeBSD is to not allow root logins over ssh. | Also change <code>PermitRootLogin no</code> to yes in <code>/etc/ssh/sshd_config</code>, the (sensible) default in FreeBSD is to not allow root logins over ssh. | ||
'''Consider disallowing password logins and use key login only, and | '''Consider disallowing password logins and use key login only, and always firewall ssh.''' | ||
== Configure firewall == | |||
Allow SSH logins from <code>backup.tyknet.dk</code> to allow the backup server to login. | |||
== Install rsync == | |||
Dirvish uses rsync, so install the port <code>/usr/ports/net/rsync/</code> with the default options: | |||
<pre> | |||
sudo portmaster /usr/ports/net/rsync/ | |||
</pre> | |||
== |
Revision as of 13:35, 12 December 2010
The following steps should be followed to add a new client to TykBackup:
Add SSH key
Make sure the folder /root/.ssh
exists, and run the command below to allow the backup server to log in as root using ssh:
echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCtcUmjmE+dkGzpsRthCInngEvoPK2BF8j16boL5GJpZCnVCEFxWWoa+j4UKD8P4XFpKx3swsSFacofqcu/s/Vtx51CSXmQiB6SKjEvUc6Yig9/uZB/YxlklTZfKg3nZOcji/xzeyGF8M51YFMVMrawi26EexpZtSigHz8rrYFdhQ+SdwDQpQzRy06LYRbnIj+wtqdJ8gIAA9iTvrjJ3WMG82A/Vk38xd5acrW33S325ian/c2cfZXXvqvc1KssfJurhkaedpxTo8pRncxlo2KEPs2e2FWYHQfZtO63hbhWw0oOQzDd1JDr4Bo9GZyXtDysaW1q3u9trTrIG6Asf7N3Fy/9b/l3S3g5oaD+n7Q5dZhDQSzNTPsG8hV0C47+A6XZlxlWSfxhE+G3GBh5CF9kiHiA0xwblLIfo8otP/uo0GjJoGqqaYpRUgh4to9rMx1x+QEActyT3aXmv6C8JhImZwXlcKnxgM4EWvELdV4dMtvV7/wWEoY3LR8bpZXlu/sfIF0PZCMv/SGrr6+HVsbqCWflia444vvUjYKOiH/5NFGv0sSl4HxiHnWFwxNoAyQ/z8CeIEm8MQNta+xrpucAWRfLI/I4qpb7g9tJZZWy/NVlcoB2SNo75NqdP/4rZ3R9b5pFNwc/aNnsdnqwTBeNNiD52loXIsNBaec9PMxypQ== root@backup.tyknet.dk" >> /root/.ssh/authorized_keys
Configure sshd
Also change PermitRootLogin no
to yes in /etc/ssh/sshd_config
, the (sensible) default in FreeBSD is to not allow root logins over ssh.
Consider disallowing password logins and use key login only, and always firewall ssh.
Configure firewall
Allow SSH logins from backup.tyknet.dk
to allow the backup server to login.
Install rsync
Dirvish uses rsync, so install the port /usr/ports/net/rsync/
with the default options:
sudo portmaster /usr/ports/net/rsync/
==