Question on encryption

Tim Potter tpot at samba.org
Fri Dec 21 08:43:28 EST 2001


On Thu, Dec 20, 2001 at 04:21:52PM -0500, George Sinclair wrote:

[...]

> Does running rsync in daemon mode on the remote host preclude the need
> to use SSH from the client? If so, how secure is this versus using rsync
> in non daemon mode with SSH? I have considered building SSH to not use
> encryption, but I was thinking rsync in daemon mode might obviate the
> need to have to use SSH if it can still be made secure.

Yes - you don't need to run ssh to use rsync in daemon mode.  The
authentication mechanism uses a challenge/response so the password is
not sent over the wire.  The rsync data sent after the authentication
suceeds is not encrypted, which sounds just what you are after.

If you read the manual page for rsyncd.conf, look at the sections on
the 'secrets file' and 'auth users' parameters.


Regards,

Tim.




More information about the rsync mailing list