DO NOT REPLY [Bug 1890] TLS for rsync protocol

samba-bugs at samba-bugs at
Sat Aug 8 05:44:14 MDT 2009

------- Comment #6 from devzero at  2009-08-08 06:44 CST -------
when using rsync over ssh, you give a remote user interactive shell access.
shell access is not needed for that and may quite often impose a severe
security risk. (undermine firewall policies etc)

how do you prevent that ?

there may be some way to use a restricted shell like scponly, but all such
solutions are just an ugly hack, as they are adressing an architectural

furthermore , you cannot use ssh for encryption when running rsync in daemon

so, the demand for "sending/receiving data trough an encrypted socket
connection" is valid, and thus the request for tls here.

Configure bugmail:
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the rsync mailing list