path: root/doc/tips/Decentralized_repository_behind_a_Firewall.mdwn
If you're anything like me, you have a copy of your annex on a computer running at home¹, set up so you can access it from anywhere like this:

    ssh myhome.no-ip.org

This is totally great! Except, there is no way for your home computer to pull your changes, because there is no onthego.no-ip.org. You can get clunky and use a bare git repository and git push, but there is a better way.

First, install openssh-server on your on-the-go computer:

    sudo apt-get install openssh-server

Then, log into your home computer, with *port forwarding*:

    ssh -R 2201:localhost:22 me@myhome.no-ip.org

Your home computer can now ssh into your on-the-go computer through port 2201 on its own localhost, as long as you keep the above shell running. Presto, you can use the same shell (which is running on the home computer) to set up your remote:

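    # create a key pair on the home computer
    ssh-keygen -t rsa
    # install the public key on the on-the-go computer, through the tunnel
    ssh-copy-id -p 2201 localhost
    cd ~/annex
    git remote add on-the-go ssh://localhost:2201/home/myuser/annex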

And run normal annex operations:

    git annex sync
    git annex get --from on-the-go some/big/file
    git annex status

You can add more computers by repeating with a different port, e.g. 2202 or 2203 (or any other).

If you're security paranoid (like me), read on. If you're not, that's it! Thanks for reading!

Paranoid Area
---
Note that you're granting your home computer passwordless access to your on-the-go computer. I believe that's all right, as long as:

* Your home computer is really in your home, and not at a friend's house or some datacenter
* Your home computer can be accessed only by ssh, and not HTTP or Samba or NTP or (shoot me now!) FTP
* Only you (and perhaps trustworthy family) have access to your home computer
* You have reasonably strong passwords or key-only logins on both your home and on-the-go computers.
* You regularly install security updates on both computers (sudo apt-get update && sudo apt-get upgrade)
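
One way to narrow that passwordless access, as an added example that is not part of the original tip: replace the plain key that `ssh-copy-id` installed on the on-the-go computer with an entry that only runs `git-annex-shell` for one repository and only accepts connections from loopback, which is where the tunnel ends. It assumes OpenSSH 7.2 or later and git-annex on the on-the-go computer; the function names and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Added example: restrict the home computer's key on the on-the-go computer.
# Constructed placeholder public key (not a real key).
SAMPLE_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEYDATA me@home'

# Build an authorized_keys line that
#  - drops pty, port, agent and X11 forwarding ("restrict", OpenSSH >= 7.2),
#  - accepts the key only from loopback, where the reverse tunnel arrives,
#  - forces git-annex-shell, confined to one repository directory.
restricted_entry() {
    pubkey=$1 repo=$2
    # Refuse paths that would need quoting inside the command="" option.
    case $repo in ''|*[!A-Za-z0-9/._-]*) return 1 ;; esac
    printf 'restrict,from="127.0.0.1,::1",command="GIT_ANNEX_SHELL_DIRECTORY=%s git-annex-shell -c \\"$SSH_ORIGINAL_COMMAND\\"" %s\n' "$repo" "$pubkey"
}

# Print every key line of an authorized_keys file that has no forced
# command, i.e. keys that still grant a full shell.
unrestricted_keys() {
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*) continue ;;                       # blank line or comment
            ssh-*|ecdsa-*|sk-*) printf '%s\n' "$line" ;; # no options at all
            *command=\"*) continue ;;                  # forced command present
            *) printf '%s\n' "$line" ;;                # options, but no command
        esac
    done < "$1"
}

# Demo on constructed data: one plain key and one restricted entry.
demo_file=$(mktemp)
{
    echo '# constructed sample authorized_keys'
    echo "$SAMPLE_KEY"
    restricted_entry "$SAMPLE_KEY" /home/myuser/annex
} > "$demo_file"
echo "Keys that still grant a full shell:"
unrestricted_keys "$demo_file"
rm -f "$demo_file"
```

The line printed by `restricted_entry` goes into `~/.ssh/authorized_keys` on the on-the-go computer in place of the unrestricted entry for the same key.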

In any case, the setup is much, much, much more secure than Dropbox. With Dropbox, you have exactly the same setup, but:

* Your data is stored in some datacenter. It's supposed to be encrypted. It might not be.
* Lots of people have routine access to your files, and plausible reason to. Bored employees might regularly be doing some 'maintenance work' involving your pictures.
* The Dropbox software can do anything it likes on your computer, and it's closed source and can't be audited.
* Any Dropbox employee can conceivably use your installed Dropbox to look at any file on your computer.
* A truly huge number of eyes connected to incredibly smart brains have looked at openssh and found it secure. Everybody trusts openssh. With Dropbox, there is, well, Dropbox. Whoever that is.

-----

¹ My always-on computer at home is a Raspberry Pi with a 32GB USB stick. Best self-hosted Dropbox you could imagine.