rsync // su

Martin Pool mbp at
Fri Sep 5 12:45:50 EST 2003


Please send questions to the list, not to me.

On  4 Sep 2003 Atom 'Smasher' <atom at> wrote:

> i've been trying to find a good answer for this, but pretty much all
> i've found is disagreement on what level of insecurity is
> acceptable....
> the problem arises when trying to use rsync as root.
> obviously, allowing root logins through ssh (or any protocol, really)
> is best avoided.

Can you explain why you hold that opinion?

> of course, there are things that might need to be backed up
> through rsync that can only be had with root permissions.
> there are several hacks i've found that play with known hosts and
> their keys, or scripting which side initiates the transfer, etc. they
> all try to bypass the problem, but most really don't fix it.
> here's my dream fix:
> add a new option to rsync:	-su

(The short-options -su already have meanings; you must mean --su.)

> let's say i want to mirror the /etc directory, but leave root login
> disabled... wouldn't it be cool if i could:
> rsync -var --delete -e ssh -su 		\
> 	atom at 	\
> 	/usr/backup/suspicious/etc/
> and then, it would prompt me for the root passwd and (assuming that
> i'm in the wheel group) continue the rsync as if i logged in as root.

Can you please explain how sending a root password over an ssh channel
is more secure than directly logging in as root?

Indeed, for some cases (such as the user 'atom' being compromised) it
seems less secure.

If you really want to do this you can probably do it using an rsync
wrapper script invoked through --rsync-path.

> if i was any good in C, i'd at least prototype it for you. anyway, if
> you think that would be a good addition to rsync, i know i'd enjoy
> seeing it in a future release.
> anyway, maybe some of my open-source projects will be of help to
> you....


More information about the rsync mailing list