Re: [Duplicity-talk] Scp calls

[AJ Weber]

Right, this is where I was thinking a simple OpenVPN setup would work, but 
it basically accomplishes the same thing.

1) Knock Once
2) Start OpenVPN tunnel from client to server.
3) Run multiple duplicity commands via ftp (do not need the 
double-encryption overhead).
4) Shutdown OpenVPN and Exit script.


----- Original Message ----- 
From: ""Peter Valdemar Mørch (Lists)"" <address@hidden>
To: "Discussion of the backup program duplicity" <address@hidden>
Sent: Wednesday, January 06, 2010 3:44 AM
Subject: Re: [Duplicity-talk] Scp calls


> If you want to make sure only to know once, I was thinking of a simple 
> workaround:
>
> Before calling duplicity, do the port knocking and open an ssh
> connection that does a port forward. *That* ssh connection stays open
> for the entire duplicity duration and knocking is only needed once.
> Then let duplicity use ssh over the port forwarded connection.
> Something like:
>
> <script>
> open_port_via_port_knocking
> ssh -f -N -L 2222:localhost:22 some.server.com
> duplicity /home/me scp://user[:address@hidden:2222/some_dir
> kill_ssh_connection
> </script>
>
> (Hope that makes sense)
>
> Yes, you'll get the ssh overhead twice, but perhaps that doesn't matter
> much in your case. And perhaps some netcat magic could be used instead
> of the SSH port forwarding to eliminate that overhead, I don't know.
>
> Peter
> --
> Peter Valdemar Mørch
> http://www.morch.com
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk