restricting rsync over ssh on the server side.
Justin Banks
justinb at constantdata.com
Mon Jan 6 00:32:01 EST 2003
Rob Browning wrote
> Aaron Morris <aaronmorris at mindspring.com> writes:
>
> > I only mention this because I do not believe most people even realize
> > there is this other mode to rsync. I tried describing it to a
> > co-worker who uses rsync regularly, but he kind of just stared at me
> > blankly.
>
> Right. I was aware of that mode, but it seemed like it would only
> work in cases where the remote sysadmin was willing to run another
> daemon (if they're not already running rsyncd). With the command= ssh
> approach, for sites already using ssh, the admin, or even the user on
> the server side, can set up as many restricted keys as they want.
>
> Also, it wasn't clear to me from the docs how secure rsync's password
> challenge and authentication scheme is expected to be. It seemed like
> the ssh + restricted command= approach would likely be safer, but I'm
> not sure how I'd quantify that.
Use it with stunnel.
-justinb
More information about the rsync
mailing list