I have found reference a couple of places on the web describing the details of authentication when rsync'ing with the server in daemon/non-shell mode. For example:

http://www.linuxjournal.com/article.php?sid=6508

"rsync's authentication mechanism, available only when run in dæmon mode, is based on a reasonably strong 128-bit MD5 challenge-response scheme. This is superior to standard FTP authentication for two reasons. First, passwords are not transmitted over the network and therefore are not subject to eavesdropping attacks."

This fact is important for people who wish to optimize their transfer speed and minimize processor load and are not synchronizing sensitive data (they only wish to protect their username/password). I would guess that people frequently end up tunneling over ssh when their security requirements don't actually necessitate it.

There is no mention of the encrypted authentication scheme in the rsync man pages or on the site, as far as I can tell. So, I have 2 requests:

1. Can someone confirm that this description of the auth mechanism is accurate?

2. Can someone update the documentation?

--
Steve Schultze
Technical Manager, The Public Radio Exchange
http://www.prx.org
cbarratt@users.sourceforge.net
2004-Jan-06 20:14 UTC
Daemon-mode authentication documentation
Steve Schultze writes:

> I have found reference a couple of places on the web describing the
> details of authentication when rsync'ing with the server in
> daemon/non-shell mode. For example:
>
> http://www.linuxjournal.com/article.php?sid=6508
> "rsync's authentication mechanism, available only when run in dæmon
> mode, is based on a reasonably strong 128-bit MD5 challenge-response
> scheme. This is superior to standard FTP authentication for two
> reasons. First, passwords are not transmitted over the network and
> therefore are not subject to eavesdropping attacks."
>
> This fact is important for people who wish to optimize their transfer
> speed and minimize processor load and are not synchronizing sensitive
> data (they only wish to protect their username/password). I would
> guess that people frequently end up tunneling over ssh when their
> security requirements don't actually necessitate it.
>
> There is no mention of the encrypted authentication scheme in the rsync
> man pages or on the site, as far as I can tell. So, I have 2 requests:
>
> 1. Can someone confirm that this description of the auth mechanism is
> accurate?

Almost. It is a challenge-response scheme based on 128 bit MD4, not MD5. The cryptographers in the audience might tell you that this is not as secure as MD5, but direct attacks are still difficult. However, like most challenge-response schemes, it is vulnerable to a dictionary attack. If you sniff a challenge-response pair, you can brute force attempt long lists of words to try to find the password. So it is important to choose passwords that are not simple words or combinations of words, i.e. with unusual combinations of letters, case, numbers, punctuation etc.

> 2. Can someone update the documentation?

Please propose a patch to rsync.yo or rsyncd.conf.yo.

Craig