how about auth users without a password?

Larry Brasfield larrybrasfield at
Wed Jan 21 05:48:23 GMT 2004

Hi, from a generally pleased new rsync user.

I have setup a number of services to be accessible via SSH.
For most of them, it has been possible to arrange that clients
can use a key agent and ssh's level 2 protocol to gain access
without the need of entering passwords more than once, at
the start of a session (assuming their keys are not stored in
the clear).

Most of these services can be setup to restrict specific users
to specific subsets of the potentially available access.  With
rsync, this appears to be feasible using the "auth users"
configuration item in rsyncd.conf, but in my efforts so far,
this always results in a password prompt.

So, this is either a question or a suggestion.

How can I use rsyncd.conf to limit module access to specific
users (or groups, preferably) without inducing rsync to demand
a password?  If this is not presently possible, I suggest that a
nice enhancement would be to make it possible via some device
such as a '*' in the associated password entry.  This might be
limited to rsync invocations by a currently authenticated user
(such as occurs with SSH access) and disallowed for the "listen
on rsync's port" mode of operation.

I would like to use SSH to authenticate users and grant access
to the machine, leaving more specific rights management to the
configuration of individual services.  With rsync, these functions
appear to be a bit more intertwined than they have to be.

If people think this is a good idea, (especially the "owners" of
rsync), I would be happy to revise the code to make it work.
Let me know at
   larry nospacehere brasfield at m s n dot com
and I will post the results to this list/thread after a week or so.

Larry Brasfield

More information about the rsync mailing list