backup .ssh folder - Githubissues

OpenELEC / service.openelec.settings

service.openelec.settings - OpenELEC settings addon

Other

12 stars 35 forks source link

backup .ssh folder #68

Closed Yannik closed 9 years ago

Yannik commented 9 years ago

Hi,

BACKUP_DIRS, which is used in do_backup includes XBMC_USER_HOME, USER_CONFIG and CONFIG_CACHE.

CONFIG_CACHE does include ./services/sshd.conf.

If you disable ssh password authentication in ./services/sshd.conf as recommended, then backup and restore your configuration, you will be locked out from ssh, as the .ssh folder which includes the authorized_keys is not backed up.

Because of this it would be very good to backup the .ssh folder as well.

Thanks Yannik

Yannik commented 9 years ago

I created a PR for this: https://github.com/OpenELEC/service.openelec.settings/pull/69

stefansaraev commented 9 years ago

I dont think this is good idea. you can always re-enable password auth and do ssh-copy-id.

@lfiebach @sraue what do you think ?

Yannik commented 9 years ago

@stefansaraev Can you elaborate why you think this is a bad idea? Reenabling password auth without ssh access seems to be quite complicated for the user. Apparantly it's not possible to easily access a local shell with CTRL+ALT+.., but requires adding a option to cmdline.txt which then again would require the user to first notice that the ssh login doesn't work, shutdown the pi, physically remove the sdcard and edit the cmdline.txt manually and so on. This seems to be quite a hassle.

stefansaraev commented 9 years ago

reenabling password auth is easy and possible via GUI.

on my set-up, I have private keys in .ssh, I am not sure I want those to end up in backups. that's of course, my personal opinion, if @sraue agrees with #69 - I wont protest ;)

Yannik commented 9 years ago

I hope your private keys are encrypted? ;-)

Thanks for the note on reenabling password auth using the gui. Anyway, to me it still seems to be more logical (as well as comfortable) to have all individual settings backed up using the backup option (even thumbnails are backed up!), and not have some files (seemingly randomely) excluded.

stefansaraev commented 9 years ago

thinking again about it, this is very valid point. tanks for taking the time to report (and sending a PR). added in 61ef74538e260fa271873b1595e9d54a6aa0a18e

Yannik commented 9 years ago

@stefansaraev Thanks. Can you give me a heads up in which addon repo this addon is located?

stefansaraev commented 9 years ago

none. iit's part of openelec. the fix will be available next beta.