On the company's webserver we have two harddrives. Apache is aware of
one of those harddrives and serves websites from that harddrive. The
other harddrive is not reachable via the web. I've written some cron
jobs that make a backup of various MySql databases and saves a copy to
that second hard drive.

For added security, I'd love to have a cron job (on my home Ubuntu
machine) that runs each night and downloads all the backups to my home
machine. I thought I could write a bash shell script using scp to do
this, but I now find out that one has to jump through several hoops
(create private/public keys, etc) to do it.

I'm wondering if there is an easier way to download the files, using
PHP? Any thoughts on this?

"lawrence k" <lkrubner@geocities.com> wrote in message
news:5b537a98-84ad-47fd-b1e4-2d1683b43572@v67g2000hse.googlegroups.com...
>
> On the company's webserver we have two harddrives. Apache is aware of
> one of those harddrives and serves websites from that harddrive. The
> other harddrive is not reachable via the web. I've written some cron
> jobs that make a backup of various MySql databases and saves a copy to
> that second hard drive.
>
> For added security, I'd love to have a cron job (on my home Ubuntu
> machine) that runs each night and downloads all the backups to my home
> machine. I thought I could write a bash shell script using scp to do
> this, but I now find out that one has to jump through several hoops
> (create private/public keys, etc) to do it.
>
> I'm wondering if there is an easier way to download the files, using
> PHP? Any thoughts on this?

What is your company's policy concerning corporate data security?

On Feb 9, 10:25 pm, lawrence k <lkrub...@geocities.com> wrote:
> On the company's webserver we have two harddrives. Apache is aware of
> one of those harddrives and serves websites from that harddrive. The
> other harddrive is not reachable via the web. I've written some cron
> jobs that make a backup of various MySql databases and saves a copy to
> that second hard drive.
>
> For added security, I'd love to have a cron job (on my home Ubuntu
> machine) that runs each night and downloads all the backups to my home
> machine. I thought I could write a bash shell script using scp to do
> this, but I now find out that one has to jump through several hoops
> (create private/public keys, etc) to do it.
>
> I'm wondering if there is an easier way to download the files, using
> PHP? Any thoughts on this?

It really isn't that hard to set up ssh and scp to not require a
password. Probably a lot less trouble than trying to do it in PHP.
Google for "ssh no password" and you'll find plenty of information.

lawrence k wrote:

> but I now find out that one has to jump through several hoops (create
> private/public keys, etc) to do it.

This is actually really easy to do.

On the client end, you run "ssh-keygen" which creates two files:

~/.ssh/id_dsa (think of this as an identity badge)
~/.ssh/id_dsa.pub (think of this as verification for the badge)

For any servers into which you wish to be able to log without a password,
you copy the "id_dsa.pub" file to that server and append it to the end of
the file "~/.ssh/authorized_keys2", which can be done from the command
like using:

cat id_dsa.pub >>~/.ssh/authorized_keys2

The "authorized_keys2" file can be thought of as a database of which
badges have authorised access to the server.

Your first go might take 20-30 minutes to figure it all out, but once you
get used to it, it only takes a few minutes to set up.

--
Toby A Inkster BSc (Hons) ARCS
[Geek of HTML/SQL/Perl/PHP/Python/Apache/Linux]
[OS: Linux 2.6.17.14-mm-desktop-9mdvsmp, up 12 days, 18:55.]

Mince & Dumplings
http://tobyinkster.co.uk/blog/2008/0...nce-dumplings/

On Feb 9, 10:35 pm, "McKirahan" <N...@McKirahan.com> wrote:
> "lawrence k" <lkrub...@geocities.com> wrote in message
>
> news:5b537a98-84ad-47fd-b1e4-2d1683b43572@v67g2000hse.googlegroups.com...
>
>
>
> > On the company's webserver we have two harddrives. Apache is aware of
> > one of those harddrives and serves websites from that harddrive. The
> > other harddrive is not reachable via the web. I've written some cron
> > jobs that make a backup of various MySql databases and saves a copy to
> > that second hard drive.
>
> > For added security, I'd love to have a cron job (on my home Ubuntu
> > machine) that runs each night and downloads all the backups to my home
> > machine. I thought I could write a bash shell script using scp to do
> > this, but I now find out that one has to jump through several hoops
> > (create private/public keys, etc) to do it.
>
> > I'm wondering if there is an easier way to download the files, using
> > PHP? Any thoughts on this?
>
> What is your company's policy concerning corporate data security?


I'm allowed to download the files, if that is what you need. I'm one
of the owners of the firm, and I'm the one who does most of the
sysadmin stuff (though I'm not really a sysadmin, obviously). So I'm
allowed to do it, so long as I can figure out a secure way to do it.

On Feb 11, 7:47 am, Toby A Inkster <usenet200...@tobyinkster.co.uk>
wrote:
> lawrence k wrote:
> > but I now find out that one has to jump through several hoops (create
> > private/public keys, etc) to do it.
>
> This is actually really easy to do.
>
> On the client end, you run "ssh-keygen" which creates two files:
>
> ~/.ssh/id_dsa (think of this as an identity badge)
> ~/.ssh/id_dsa.pub (think of this as verification for the badge)
>
> For any servers into which you wish to be able to log without a password,
> you copy the "id_dsa.pub" file to that server and append it to the end of
> the file "~/.ssh/authorized_keys2", which can be done from the command
> like using:
>
> cat id_dsa.pub >>~/.ssh/authorized_keys2
>
> The "authorized_keys2" file can be thought of as a database of which
> badges have authorised access to the server.
>
> Your first go might take 20-30 minutes to figure it all out, but once you
> get used to it, it only takes a few minutes to set up.


Okay, you convinced me. I was being lazy. But I'll get it together and
do this.