DO NOT REPLY [Bug 1890] TLS for rsync protocol

samba-bugs at samba.org samba-bugs at samba.org
Sat Aug 8 05:44:14 MDT 2009


https://bugzilla.samba.org/show_bug.cgi?id=1890





------- Comment #6 from devzero at web.de  2009-08-08 06:44 CST -------
when using rsync over ssh, you give a remote user interactive shell access.
shell access is not needed for that and may quite often impose a severe
security risk. (undermine firewall policies etc)

how do you prevent that ?

there may be some way to use a restricted shell like scponly, but all such
solutions are just an ugly hack, as they are adressing an architectural
problem.

furthermore , you cannot use ssh for encryption when running rsync in daemon
mode. 

so, the demand for "sending/receiving data trough an encrypted socket
connection" is valid, and thus the request for tls here.


-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.


More information about the rsync mailing list