Daemon-mode authentication documentation
Steve Schultze
steve at prx.org
Mon Jan 5 21:33:29 GMT 2004
I have found reference a couple of places on the web describing the
details of authentication when rsync'ing with the server in
daemon/non-shell mode. For example:
http://www.linuxjournal.com/article.php?sid=6508
"rsync's authentication mechanism, available only when run in dæmon
mode, is based on a reasonably strong 128-bit MD5 challenge-response
scheme. This is superior to standard FTP authentication for two
reasons. First, passwords are not transmitted over the network and
therefore are not subject to eavesdropping attacks."
This fact is important for people who wish to optimize their transfer
speed and minimize processor load and are not synchronizing sensitive
data (they only wish to protect their username/password). I would
guess that people frequently end up tunneling over ssh when their
security requirements don't actually necessitate it.
There is no mention of the encrypted authentication scheme in the rsync
man pages or on the site, as far as I can tell. So, I have 2 requests:
1. Can someone confirm that this description of the auth mechanism is
accurate?
2. Can someone update the documentation?
--
Steve Schultze
Technical Manager, The Public Radio Exchange
http://www.prx.org
More information about the rsync
mailing list