I am newbie in working with rdiff.
I am taking the backup using rdiff from client to server end.
can anyone tell me why we need to install rdiff backup at server end as well?
hwo it works?
rdiff access file systems of connect to the rdiff on server?
The suggested solution with mountable file systems are barely usable though. And that is exactly why you need rdiff on the server, as it makes delta calculations and optimizes the throughput by sending only information needed as a result. Otherwise why even bother using rdiff at all ...
Actually you don't need rdiff on the remote side... if you have SFTP-access. Have a look at this article on the rdiff wiki page.
In general you don't need rdiff on the remote side if you can access the remote filesystem in some other way like NFS or CIFS (although CIFS has been troublesome for some users).
Related
First, I feel very silly.
For fun/slight profit, I rent a vps which hosts an email and web server and which I use largely as a study aid. Recently, I was in the middle of working on something, and managed to lose connection to the box directly after having accidentally changed the ownership of my home folder to an arbitrary non-root, incorrect user. As ssh denies root, and anything but pubkey authentication, I'm in a bad way. Though the machine is up, I can't access it!
Assuming this is the only issue, a single chown should fix the problem, but I haven't been able to convince my provider's support team to do this.
So my question is this: have I officially goofed, or is there some novel way I can fix my setup?
I have all the passwords and reasonable knowledge of how all the following public facing services are configured:
Roundcube mail
Dovecot and postfix running imaps, smtps and smtp
Apache (but my websites are all located in that same home folder, and
so aren't accessible - At least I now get why this was a very bad idea...)
Baikal calendar setup in a very basic fashion
phpMyAdmin but with MySql's file creation locked to a folder which apache isn't serving
I've investigated some very simple ways to 'abuse' some of the other services in a way that might allow me either shell access, or some kind of chown primitive, but this isn't really my area.
Thanks!!
None of these will help you, at least of the services you listed none have the ability to restore the permissions.
All the VPS providers I've used give "console" access through the web interface. This is equivalent to sitting down at the machine, including the ability to login or reboot in recovery mode. Your hosting provider probably offers some similar functionality (for situations just like this, or for installing the operating system, etc), and it is going to be your easiest and most effective means of recovery. Log in there as root and restore your user's permissions.
One thing struck me as odd,
I haven't been able to convince my provider's support team to do this.
Is that because they don't want to do anything on your server which you aren't paying them to manage, or because they don't understand what you're asking? The latter would be quite odd to me, but the former scenario would be very typical of an unmanaged VPS setup (you have root, console access, and anything more than that is your problem).
I was careless when I made some changes to my C# web service which accesses a postgresql database server at my work, and I forgot to close some connections I made. After testing the service many times over the past few days, I realized too late that I forgot to close my connections and now I can't access the server.
I've googled other solutions but they all involve me changing the max connection size in the postgres.conf file. The problem is that I don't have such a file on my own computer. I'm assuming the conf file is on the original machine that hosts the database server?
Is there any solution to this so that I can access the server again, and kill the old connections, without going to the original host machine of the database?
The only other options are:
to connect as the database superuser, which has superuser_reserved_connections other users cannot use; or
if you can, ssh in to the DB server and kill -TERM individual PostgreSQL worker backends. (on windows, that'd be rdp'ing in and using End Process on the backend postgres.exe processes, but it's much harder to pick a safe one to terminate on Windows, you'd want to use Process Explorer to examine the process heirachy and arguments so you can pick a regular backend).
In future you can prevent this by setting a connection limit on the user your appserver connects as; see ALTER USER.
The startup I'm working for is going to be hosting our site and accompanying database on Amazon Cloud Servers. I was wondering if it's possible to have multiple people SSH'd into the instance simultaneously, like if I want to fool around with the databases while my coworker edits some php sripts. Can this be done?
Yes it's possible :)
Just an advice use ssh-key it's better for detect/log who are logged.
My OSCommerce site includes a separately programmed feature for which I use SQL tables. I've decided to host its tables on a remote site offering free SQL accounts. I'd like to know if there could be any disadvantages to this approach.
Thanks
Syd
Disadvantages might include the longer time it will take to run the script since it has to make a connection over the network and the need to make sure that the database connection is made securely -- that the password for the database login isn't passed in clear text & that the permissions on the receiving end of the connection are set to allow connections from only that IP. Of course you'll also want to make sure that the free hosting company provides adequate security for the database itself -- "free" doesn't alway pay for the best set up or the most knowledgeable technicians...
You should connect to your MySQL database using MySQL's built-in SSL ability. This insures that all data transfered is highly protected. You should create self-signed x509 certificates and hard code them. This is free, and you don't need a CA like Verisign for this. If there is a certificate exception then there is a MITM and thus this stops you from spilling the password.
Another option is a VPN, and this is better suited if you have multiple daemons that require secure point to point connections.
I am assuming you are hosting the OSCommerce database on the same server as the webserver and your solution only allocates one database per customer. You can use the add-on tables in the same database as the regular OSCommerce tables as long as you prefix them with some prefix so that they won't have a namespace conflicts. If the code to the third party solution is any good, it won't be too hard to configure a table prefix so that the code will know what the new names for the tables are. This solves any potential latency problem and keeps the control in your hands. I use this trick to host multiple wordpress blogs in the same database.
If you were the administrator of an Apache web server, what protocol(s) would you prefer to provide, for the web developers to upload static files (html/gif/css/...), with the goal of maximum security ?
If you were the web developer/graphic designer, what protocols would you prefer to be available at the Apache server, to upload static files ?
SCP is what I'd go with.
You can even use Filezilla for it and pretend it's unsecure FTP: http://filezilla-project.org/
SSH/SCP. It's simple, fast, free, and can be as secure as you want. Alternatives are FTP (hahahaha, yeah right) and POSTing files over HTTPS.
I give web developers instructions on using an sftp/scp client and a login shell using scponly. That way they get their access to upload files, but I have fewer concerns about them doing bad things to the webserver.
I use ssh config to limit users to sftp on a development server then use version control to review the changes and move them to production with got format-patch
We deploy using Capistrano, which afaik does all its work via git (over SSH) - at least, in our deploy script it is.