Skip to Content
Unix Backup and Recovery
book

Unix Backup and Recovery

by W. Curtis Preston
November 1999
Intermediate to advanced
736 pages
22h 46m
English
O'Reilly Media, Inc.
Content preview from Unix Backup and Recovery

Security

Historically, backups and security have had almost completely opposite goals. Things such as .rhosts files were absolutely necessary to gain any type of backup automation, and yet they are a well-known security problem. Fortunately, most modern backup products have worked around these problems.

Sockets or rsh?

There are very few products left that communicate via rsh. rsh has been identified as a security hole, and many sites have disabled it. The products that still use rsh usually do not require the ability to rsh as root; instead, they set up a special user ID that is used only for that purpose. That way, a .rhosts entry needs to be set up only for that user.

Most products now communicate via Berkeley sockets. This means that they need to have some client-side software running with which they can communicate; the process running on the client is called a “daemon.”

Encryption?

More and more people are asking for encryption. Encryption can be accomplished in one of three ways. Some software packages encrypt the commands that they send back and forth, so that a rogue server cannot imitate them and perform unauthorized actions, such as request a restore of data it is not entitled to. Another method is to encrypt backup data in transit but then decrypt it as it is being written to a backup volume. This allows backups over an insecure network but does not require an encryption key to read the volume (think of it as a “backup tunnel”). Then, of course, there are software ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Linux Security Cookbook

Linux Security Cookbook

Daniel J. Barrett, Richard E. Silverman, Robert G. Byrnes
Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans

Publisher Resources

ISBN: 1565926420Catalog PageErrata