rsync & SSL 'for real'

Lawrence D. Dunn ldunn at
Wed Apr 18 05:57:08 GMT 2007

   If you do pursue SSL functionality directly in rsync,
   please be sure to take a look at Chris Rapier's work
   to "fix" standard ssh implementations, at:

   Turns out "-e ssh" using most libraries puts a fixed-window-size 
   behavior on top of TCP - so for large bandwidth*delay product paths,
   even if you use large TCP buffers (which Wayne added for such paths),
   an "un-fixed" SSL library can clobber overall performance/throughput,
   even for a perfectly clean (no  errors/loss) path.


At 3:23 PM -0700 4/17/07, Wayne Davison wrote:
>On Tue, Apr 17, 2007 at 12:52:57PM +0200, Andreas Kotes wrote:
>>  I'd be willing to put up the effort to add full (or at least better)
>>  SSL support direclty to rsync if the maintainers would agree with it,
>>  and would seriously consider including it in the main source in the
>>  long run.
>I'd be interested in getting SSL support into the main rsync codebase
>(in such a way that it could be conditionally omitted, if needed).  I
>haven't had time to really check into it myself (I need to figure out
>why the SSL patch didn't work for me, but never had the impetus to delve
>into it).
>Your list of SSL goals seem quite reasonable to me.
>To unsubscribe or change options: 
>Before posting, read:

More information about the rsync mailing list