mirroring a loop device across an ssh connection

Jason openssh at lakedaemon.net
Sat Dec 2 05:13:20 EST 2006


Jefferson Ogata wrote:
> On 2006-12-01 17:35, Jason wrote:
>> So far, I've looked at Rex/sfs [1], pseudo-tty programming, and a little 
>> of unix domain sockets.  I'm more familiar with network socket 
>> programming, though.  My main holdup right now is my lack of familiarity 
>> with openssh internals.  If someone could point to the right section of 
>> the src tree, perhaps with a nudge towards how to do this securely, it 
>> would greatly appreciated.
> 
> Take a look at drbd.

Thanks, I hadn't stumbled across that yet.  There is only one small 
problem with it, which I failed to mention in my initial mail.  I can't 
assume I have root access to the remote machine.  I might be able to get 
an 'sudo losetup ...' approved, but most likely I'll need to mirror the 
file descriptor of the file container over the ssh connection.

Currently, for proof of concept, I have root access on the server, but I 
may not in the final implementation.

> Really, if the crypto of the underlying fs is secure, you shouldn't need
> to mirror over ssh; plain rsync (or drbd) mirroring, should be secure.

I would prefer to use ssh, as that is the only incoming connection I 
allow from the internet :)  the remote server could be on the other side 
of the world, depending on my travels.

tia,

Jason.



More information about the openssh-unix-dev mailing list