2

I have setup 3 servers one with a load balancer and the other 2 will host the websites files and I have a replicated MySQL database on both too. I have installed ispconfig on both and it's set to mirror one of the server and everything is working fine. For security I have disabled root ssh logins. Ispconfig created directory structures using the root account.

I have tried to ssh between the two boxes as root but because I have disabled root ssh logins it doesn't work, likewise when I try to run unison it won't connect as the root user. I have a user account with sudo privs which can connect but because ispconfig has set the files up using the root account it won't sync them. I'm just wondering if anyone has ever been in a similar situation. I'm trying to build a high availability shared hosting platform for my clients and also trying to keep security at a maximum. I need the two servers to sync files like for example Wordpress uploads directories, hosting those files on another server is not an option at the moment so I need to have this configuration up and running.

Kravitz
  • 157
  • 9

1 Answers1

1

I faced a situation like yours some months ago, and I solved my problem (synchronization of www files between many nodes belonging to apache user) with btsync, that is a program that keeps many files aligned between two or more machines using BitTorrent protocol. It's secure, uses cryptography, and IMHO is very efficient and transparent. It's worth a try.

Here's some links on how to use it:

http://crunchbang.org/forums/viewtopic.php?id=27825

http://artofsimplicity.co.uk/install-bittorrent-sync-on-a-headless-ubuntu-server/

Riccardo M.
  • 150
  • 1
  • 9
  • Looks good but as ispconfig has set the structure of some of the www sub folders to root I still have the problem of root not being able to ssh between the servers – Kravitz May 16 '16 at 07:20
  • Ok, so in this case, if you cannot change those directories' permissions to another user different from root, you could consider to use public key auth for the root user ONLY between the nodes that need to get synced (and password logins can remain disabled). Take a look at this link: http://unix.stackexchange.com/questions/99307/permit-root-to-login-via-ssh-only-with-key-based-authentication By the way, btsync doesn't need to use SSH, it uses its own protocol, and the nodes get in sync thanks to a shared key. – Riccardo M. May 16 '16 at 08:29