How to secure crashplan against unauthorized access?

[Spacemarine]

How do you secure crashplan against someone accessing your files (or even displaying your filenames) via a remote crashplan desktop app?

I'm running crashplan on my freenas-9.3 machine. In the desktop application I see the option "require account password to access crashplan desktop application" But does that protect the headless client from being accessed? Or does it really only secure the desktop application? That wouldn't make much sense...

 

[pirateghost]

A. Someone would have to have your user id/key from the freenas plugin (would have to get it via ssh and jail access)

B. They would have to know your login for the client.

 

[Spacemarine]

A. You are right, that should be a pretty good protection.

B. That's exactly my question: What is protected by the password? The headless client? Or the desktop app? Because crashplan states that the desktop app is protected, but maybe that's just because they don't distinguish between these two programs.

 

[pirateghost]

A. You are right, that should be a pretty good protection.

B. That's exactly my question: What is protected by the password? The headless client? Or the desktop app? Because crashplan states that the desktop app is protected, but maybe that's just because they don't distinguish between these two programs.

Because running headless on freebsd is not really supported, I am sure they assume crashplan is running on the same system that the app is running on.

I don't know which they mean for the password, but since this is in my house and nobody else has access to my ui.info I'm not concerned with it.

 

[Robert Trevellyan]

What is protected by the password?

I'm about 95% sure that requiring the account password protects the system the engine is running on, regardless of where the GUI is connecting from.