[H-GEN] How safe is SSH on the internet?

Robert Brockway robert at timetraveller.org
Sun Jun 29 23:22:31 EDT 2003 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On Sun, 29 Jun 2003, Jason Parker-Burlingham wrote:

> There is one instance where SSH doesn't seem to have stepped up to the
> plate:  I tried in vain a number of years ago to get the remote tape
> interface working with SSH.  (This is when you want to set $TAPE to
> point to a tape drive on another machine.)  I think it boiled down, in
> the end, to getting rexec going.

Scp should be usable to write directly to a remove tape device, or if you
prefer rsync -e ssh (rsync over ssh).  One of these two commands have been
the basis of all remote backup solutions I've setup in the last few
years[1].

Using rmt with ssh was problematic (iirc from years ago) but ssh and mt
can be used to control the tape device (in conjunction with sudo on the
remote box to avoid any need to actually ssh in as root).

Eg,

ssh to remote box : use "sudo mt" to move tape around.
scp to remote box: dump the data to the tape device.

[1] Admittedly I can't recall having hit tape directly over the remote
link using ssh/scp (although I did use rsh/rsp long ago).  I tend to use
staging areas on the backup server before dumping to offsite storage.

This has been possible in many cases thanks to the increase in HD capacity
relative to the important data most people/organisations keep.  The
staging area is a convenient "first port of all" in the case of a
non-disaster recovery of data[2] too.

I decided to carry out a quick experiment to support my ascertion thata
remote dev file could be used within scp:

zen:~$ scp /etc/hosts localhost:/dev/null
hosts                                         100%  316     3.8MB/s   00:00
scp: /dev/null: truncate: Invalid argument

This did work, although an error was pushed back.  This wouldn't be
insurmountable.  I believe (but cannot prove right now) that a remote tape
device that was ready to accept data would act the same way as /dev/null).

[2] On other words, when a user deletes an important file on their system
:)

Rob

-- 
Robert Brockway B.Sc. email: robert at timetraveller.org  ICQ: 104781119
Linux counter project ID #16440 (http://counter.li.org)
"The earth is but one country and mankind its citizens" -Baha'u'llah

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list