From ArchWiki
Jump to: navigation, search

Server setup

Hi all, I'm trying to create a secure server for duplicity: any hints on how to make it secure? Like, imposing limits with quotas (on e.g. BTRFS), bandwidth limits, no remote shell (really the one thing I don't get how to do) when using a reasonable protocol (not ftp)? I tried looking on internet, but everyone is more concerned about "how do I make it work" instead of "how do I make it secure"?

It'll also be a good addition to the wiki page IMO

Cheers, Moviuro (talk) 22:13, 31 March 2015 (UTC)

if you use the following "shell", SSH access to the server will be regulated (POSIX compliant, as a bonus)
if [ $# -eq 0 ]; then
        printf "%s\n" "Hahaha, you fool"
        printf "%s\n" "Only rsync(1) will ever work here."
        exit 1
elif [ $# -eq 2 ] && [ "$1" = "-c" ] && printf %s\\n "$2" | grep -qe "^rsync --server"; then
        exec $2