secure local mysql backups?

Discussion in 'Server Operation' started by vmos, Dec 7, 2011.

  1. vmos

    vmos Member

    Good morning,
    we've got a couple of servers that run a script that dumps the mysql databases into a local directory on the server.

    Now this has two significant flaws. First, the mysql root password is stored as plain text in the script. Secondly, the databases dumps are just plain text, albiet zipped.

    Now I've been looking for various solutions and not come up with anything satisfactory.

    I could encrypt the zips but that still leaves the passwords in the script. I put the script and the dumps into an encrypted directory but then you can't run that with a cron job.

    I could have a remote server login and take backups of the databases but if possible I'd like something on the local server.

    These particular servers are either running debian or ubuntu with apache

    Any suggestions?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    There is no security problem when you run the script as root cronjob so that the script itself is owned by root and has 700 permissions and the directory where the script dumps its files has to be owned by root as well with 700 permissions. So no user except of the root user can see the mysql password in the sdript or get the mysql database contents.
     

Share This Page