5 Jan
2016
5 Jan
'16
3:21 p.m.
When setting up dsync for replication, what should the user permissions be for sync over ssh?
I'm running virtual users only. Postfix and Dovecot services run as mail:mail. All the maildir folders are owned by mail:mail and permissions are 700. User mail is not allowed login.
So whats the best practice in respect to security to allow for dsync over ssh?
So of the options I consider:
change postfix/dovecot settings so that maildirs are created with 770 permissions, then create a user dsync:mail that is allowed for ssh login.
permit user mail to login using ssh
3)go with tcp sync rather than ssh
Other suggestions?
PG