rsync - Nov 2002 - deny host and auth users not working over ssh

Hi-

I have a solaris 8 box with the latest ssl, ssh, and rsync all set up.
 ssh and an apache-sll site are running good - I feel confident that
ssl and ssh are set up correctly, but when I use rsync over ssh, it
(rsync) will allow me to sync as any (system) user from any host ecven
though the rsyncd.conf file in /etc has user auth = <one real system
user> and host deny = *

is there something I'm missing here?  Seems I shouldn't be able to run
rsync

johnnyfulcrum <johnnyfulcrum@yahoo.com> wrote:
> I have a solaris 8 box with the latest ssl, ssh, and rsync all set up.
>  ssh and an apache-sll site are running good - I feel confident that
> ssl and ssh are set up correctly, but when I use rsync over ssh, it
> (rsync) will allow me to sync as any (system) user from any host ecven
> though the rsyncd.conf file in /etc has user auth = <one real system
> user> and host deny = *
> 
> is there something I'm missing here?  Seems I shouldn't be able to
run
> rsync
rsync*d*.conf.

If you are using the ssh access method, then there is no rsyncd involved.


Max.

On Tue, Nov 19, 2002 at 09:12:39PM -0000, johnnyfulcrum
wrote:
> Hi-
> 
> I have a solaris 8 box with the latest ssl, ssh, and rsync all set up.
>  ssh and an apache-sll site are running good - I feel confident that
> ssl and ssh are set up correctly, but when I use rsync over ssh, it
> (rsync) will allow me to sync as any (system) user from any host ecven
> though the rsyncd.conf file in /etc has user auth = <one real system
> user> and host deny = *
> 
> is there something I'm missing here?  Seems I shouldn't be able to
run
> rsync
Rsync over ssh doesn't run rsyncd so the rsyncd.conf file is
not used.  See the AllowUsers and DenyUsers directives in
sshd_config.

-- 
________________________________________________________________
	J.W. Schultz            Pegasystems Technologies
	email address:		jw@pegasys.ws

		Remember Cernan and Schmitt