1

I have setup a backup server which pulls data using rsnapshot from my server. rsnapshot is running as root on backup machine and connects to the server via RSA key that has no passphrase. My concern is that this may not be a good securitywise. If attacker gains access to my backup machine, he can compromise my backups and server data too.

The question is How should I do this right?

Another thing I'd like to know is:

How can I track rsnapshot activity, to make sure backup successfully finished and there were no problems?

user80666
  • 459
  • 2
  • 6
  • 15

1 Answers1

1

I can't answer the "how to track" part of your question, but in regard to backup security: Ensure that all sensitive data is encrypted before leaving the server, and is stored in an encrypted format when it gets to its destination.

The quick, ghetto way of handling this is to just encrypt it after it's all transferred (with gpg or similar).

Production backup software like Bacula can do this for you as a built-in feature...

voretaq7
  • 79,879
  • 17
  • 130
  • 214