rsync with ssh

Wayne Davison wayned at
Mon Oct 24 23:25:39 GMT 2005

On Mon, Oct 24, 2005 at 07:58:04AM +0800, Adrian Mak wrote:
> but it seems that rsync sending plain password for the user test and
> the contents too.

This is taken directly from the rsyncd.conf manpage:

    The authentication protocol used in rsync is a 128 bit MD4 based
    challenge response system. Although I believe that no one has ever
    demonstrated a brute-force break of this sort of system you should
    realize that this is not a "military strength" authentication
    system.  It should be good enough for most purposes but if you want
    really top quality security then I recommend that you run rsync over

    Also note that the rsync daemon protocol does not currently provide
    any encryption of the data that is transferred over the connection.
    Only authentication is provided. Use ssh as the transport if you
    want encryption.

So, no, the password is not sent in plain-text over the socket.

> 123.123.123:test/ /home/test2

When using ssh, the current directory defaults to the login user's home
dir, so that's lookin for a "test" dir in (I assume) /home/test.


More information about the rsync mailing list