Interactive Rsync Authentication Problem
jw at pegasys.ws
Thu May 29 00:49:08 EST 2003
On Wed, May 28, 2003 at 10:27:44AM -0400, Andrew Klein wrote:
> I have run across an interesting issue when running rsync from Solaris
> to an rsync daemon on Linux. It works properly when I specify the
> password on the command line:
> RSYNC_PASSWORD=the_Password rsync -r /tmp/test
> test_user at test_server::test_user/topdir/subdir
> However, if I do not specify the password on the command line and am
> prompted interactively, it always fails. After some investigation I find
> that Solaris getpass() returns a maximum of PASS_MAX bytes which on our
> systems is set to 8. The comment in authenticate.c is:
> cyeoh says that getpass is deprecated, because
> it may return a truncated password on some systems,
> and it is not in the LSB.
> Does this issue deserve a code fix/workaround?
> Andy Klein
I'm not inclined to do a workaround. A _portable_
getpass(3) replacement is non-trivial and i'm not eager to
add termio functionality to rsync just for this one thing.
Getpass functionality really does belong in the libraries in
You could try overriding PASS_MAX in the config+build. I
don't know if that will work with Solaris libs or not.
I cannot recommend providing the password in the environment
block as you have done. Last i recall, the environment block
on Solaris is world readable. If nothing else i'd suggest
either reducing the password to eight chars or less, or use
the --password-file option.
J.W. Schultz Pegasystems Technologies
email address: jw at pegasys.ws
Remember Cernan and Schmitt
More information about the rsync