# Optimal scenario for a backup server?



## atmosx (Oct 25, 2013)

Hello,

I am building a network of Linux clients which are connected to the main server (FreeBSD 9.1). I would like to keep incremental backups of these clients till they reach a specific GB number, say 0.5 GB for each client is enough, since the backup is mostly configuration files (should not be more than 50MB a full backup).

My initial thought was setting up a FreeBSD jail and using rdiff-backup to backup the clients to server's jail. This would require for every client to have an ssh authorization access to the jail.

The problem is that I don't _trust_ the clients. I don't know if any of them at any time will get compromised. I will secure them (iptables, monitoring scripts and possibly, AIDE) but I would like to be able to keep their backups on the server without giving shell access. I wonder if there's a way I can achieve this. Running _rdiff-backup _ from server to clients, will not give me root access which is need to backup that require root permission, since 'root ssh' is a no-no.

Thank you for your time,

best regards,

atmosx


----------



## junovitch@ (Oct 26, 2013)

You may find the information in this thread useful. http://forums.freebsd.org/showthread.php?t=3689.   It involves using rsync and SSH keys with sudo locking down what can be done.


----------

