[Boxbackup-dev] Need server-side kill-switch

James O'Gorman james at netinertia.co.uk
Sun Oct 28 17:25:53 GMT 2012


On Sun, Oct 28, 2012 at 01:08:56PM -0400, Peter Jalajas, GigaLock Backup Services wrote:
> As with Dave B., I have no access to the clients.  A result of the
> foibles of the human condition; the death of the third-party admin and
> the complete dissolution of his business.  I wish there was a human
> way around this problem, but there isn't.  The client cannot or will
> not disable the boxbackup client service on their machine.  I've
> offered to drive over to their office and do it for them, no response.

Can understand your problem/frustration here, however...

> Them connecting to my server every few minutes is good for neither of
> us (nor the web in general).

As a first solution, can you not just put a packet filter in front of
your backup server (hopefully there's one anyway) that sends a TCP RST
to the client?

> This new Disable switch is the only way to prevent this in the future.
[...]
> I beg of Chris, please implement the boxbackup-client-service Disable
> switch being able to be sent from the boxbackup server. Don't remove
> the client service; don't delete any client files; just send the
> instruction for the BoxBackup _client_ to stop trying to connect to
> the offering server.

This won't fix your immediate problem though, as it sounds like the
customer isn't co-operating, therefore won't install the new version
that supports this.

I understand your point about the server being the general control of
the account, however the client setup isn't managed by the server admin
- the client is handed an encryption key by the server, but nothing
about the client is actually _modified_ by the server.

I really do believe Chris' implementation is the right solution, and if
you have a problem with unhelpful customers not disabling their client,
you should simply firewall them off (or control access to bbstored with
tcpd).

As an aside:

> BoxBackup was originally contemplated with the BoxBackup Admin having
> full control of both the Client and the Server

Actually that's not the case. The idea is that the server admin need not
be fully trusted, hence everything being encrypted both on the wire and
on disk. Ben developed the system for a client of his, whose systems I
doubt he had access to.

James
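
The packet-filter approach suggested in this message, sketched as an added example that is not part of the original post or of Box Backup. It assumes an iptables host in front of bbstored, IPv4 clients, and bbstored on TCP port 2201; the function names and the sample addresses are constructed for illustration. It only prints the rules so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example (not Box Backup code). Assumes IPv4 clients, iptables, and
# bbstored listening on TCP 2201; override BBSTORED_PORT if yours differs.
BBSTORED_PORT="${BBSTORED_PORT:-2201}"

# Return 0 if $1 is a dotted-quad IPv4 address with an optional /prefix.
valid_ipv4() {
    addr="${1%%/*}"
    case "$1" in
        */*) prefix="${1#*/}"
             case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
             [ "$prefix" -le 32 ] || return 1 ;;
    esac
    case "$addr" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs="$IFS"; IFS=.
    set -- $addr
    IFS="$old_ifs"
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read one client address per line on stdin ('#' starts a comment) and print
# a rule per unique address. Returns 1 if any line was rejected, so a typo
# cannot silently leave a client unblocked.
bbstored_block_rules() {
    rc=0; seen=" "
    while read -r client rest || [ -n "$client" ]; do
        client="${client%%#*}"
        [ -n "$client" ] || continue
        if ! valid_ipv4 "$client"; then
            printf 'invalid address, no rule written: %s\n' "$client" >&2
            rc=1; continue
        fi
        case "$seen" in *" $client "*) continue ;; esac
        seen="$seen$client "
        printf 'iptables -I INPUT -p tcp -s %s --dport %s -j REJECT --reject-with tcp-reset\n' \
            "$client" "$BBSTORED_PORT"
    done
    return "$rc"
}

# Constructed sample list using documentation address ranges.
sample_clients() {
    printf '%s\n' '# retired accounts' '192.0.2.10   # constructed entry' \
        '198.51.100.0/28' '192.0.2.10'
}
# Review the output first: sample_clients | bbstored_block_rules
```

With `REJECT --reject-with tcp-reset` the client's connection attempt is refused immediately, rather than hanging until timeout as it would with a silent `DROP`.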


