rsync: Re: using rsync to backup windows workstations

[Dave Dykstra]

On Wed, Nov 14, 2001 at 02:47:42PM -0600, Ben Ricker wrote:
> On Wed, 2001-11-14 at 14:35, Thomas Lambert wrote:
> > I thought just a straight rsync daemon was unsecure.  I am sending data from
> > remote dial-up sites, through the internet to my server.  That is why I am
> > using ssh (well trying to use it).  If this was just for my internal
> > network, then YES, I would probably just use the daemon.  One other problem
> > is that they are dial-up, so each time they connect to the internet, they
> > get a new IP.
> 
> You are right: Rsync as a daemon in your environment would be less
> secure than ssh.

Agreed.


> > I tried just doing "ssh linuxbox username -a" and I was asked for a
> > password. So I changed PasswordAuthentication to "no" in my sshd_config file
> > on the server. Restarted sshd and now I am getting permission denied. I did
> > copy the contents of my identity.pub, rsa_id.pub, dsa_id.pub to
> > authorized_keys on the server.  I'm going to read some more on ssh, but if
> > anyone knows a quick fix, let me know.
> 
> There are two: make sure the dsa_id.pub is in authorized_keys2 if you
> just use '-e ssh' as an option for rsync, this automagically uses ssh
> version 2, so you need the '2' you keys file. 'authorized_keys' is for
> ssh 1. You can change the -e option to "-e 'ssh 1'" to use
> auhtorized_keys (I believe that is the command line; I got ssh 1 doing
> authentication but I switched to 2 because it is much more secure).

Not anymore in OpenSSH 3.0p1: the regular known_hosts and authorized_keys
files hold both kinds of keys, and the *2 files are deprecated.  He's using
cygwin 1.3.4 which includes OpenSSH 3.0p1.

- Dave Dykstra