I'm new on rsync, and I have some question regarding file synchronization my rsyncd.conf is secrets file = /etc/rsyncd.secrets read only = yes list = yes uid = nobody gid = nobody max connections = 1 log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid lock file = /var/run/rsync.lock [test] path = /home/test auth users = test on another linux, I executed rsync --verbose --progress --recursive --delete test@123.123.123::test/ /home/test2 with no problem on file synchronization but it seems that rsync sending plain password for the user test and the contents too. Then I digged the documenation and for more secure, ssh is the choice. right ?! rsync with ssh, I executed rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete 123.123.123:test/ /home/test2 but it said receiving file list ... link_stat /test : No such file or directory however if I provide the full remote path rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete 123.123.123:/home/test /home/test2 and it success. And it seems the remote host does not need rsync to be run in daemon and rsync with ssh, I can put any path of remotehost Am I right ?
On Oct 23, 2005, at 7:58 PM, Adrian Mak wrote:> I'm new on rsync, and I have some question regarding file > synchronization > my rsyncd.conf is > secrets file = /etc/rsyncd.secrets > read only = yes > list = yes > uid = nobody > gid = nobody > max connections = 1 > log file = /var/log/rsyncd.log > pid file = /var/run/rsyncd.pid > lock file = /var/run/rsync.lock > > [test] > path = /home/test > auth users = test > > on another linux, I executed > rsync --verbose --progress --recursive --delete > test@123.123.123::test/ /home/test2 > with no problem on file synchronization > > but it seems that rsync sending plain password for the user test and > the contents too. Then I digged the documenation and for more secure, > ssh is the choice. right ?! > > rsync with ssh, I executed > rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete > 123.123.123:test/ /home/test2 > > but it said > receiving file list ... > link_stat /test : No such file or directory > > however if I provide the full remote path > rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete > 123.123.123:/home/test /home/test2 > > and it success. And it seems the remote host does not need rsync to be > run in daemon and rsync with ssh, I can put any path of remotehost > > Am I right ? > -- > To unsubscribe or change options: https://lists.samba.org/mailman/ > listinfo/rsync > Before posting, read: http://www.catb.org/~esr/faqs/smart- > questions.html >Recommend that you consider using the keybased authentication method built into ssh2. The manpage for ssh-keygen explains how to set this up.
I think you are confusing the 8 different ways of using rsync. You should read again and more carefully the section GENERAL in manual page of rsync, rsync(1), for details. Keep reading below: Adrian Mak wrote:> rsync with ssh, I executed > rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete > 123.123.123:test/ /home/test2 >It seems you wish the following (quoted from rsync(1)): o for copying from a remote machine using a remote shell program as the transport, using rsync server on the remote machine. This is invoked when the source path contains a :: separator and the --rsh=COMMAND (aka "-e COMMAND") option is also provided. You are using a single ":", so the command is wrong and it does what expected: o for copying from the local machine to a remote machine using a remote shell program as the transport (such as ssh or rsh). This is invoked when the destination path contains a single : separa- tor. That is, you are not using the rsync server: a full remote path is required. If you wish to use the rsync server, try with: rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete 123.123.123::test/ /home/test2 Cheers, Manuel. ______________________________________________ Renovamos el Correo Yahoo! 1GB de capacidad, nuevos servicios y m?s seguridad http://correo.yahoo.es
On Mon, 2005-10-24 at 07:58 +0800, Adrian Mak wrote:> I'm new on rsync, and I have some question regarding file synchronization > [...] > > [test] > path = /home/test > auth users = test > > on another linux, I executed > rsync --verbose --progress --recursive --delete > test@123.123.123::test/ /home/test2 > with no problem on file synchronization > > but it seems that rsync sending plain password for the user test and > the contents too. Then I digged the documenation and for more secure, > ssh is the choice. right ?!I'm not familiar with the security of rsync daemons, but I do trust that of ssh. I much prefer ssh because it is flexible and works together so nicely with Linux accounts and file permissions, while the rsync daemon system tries to reinvent the wheel in these two areas.> > rsync with ssh, I executed > rsync --verbose --progress --recursive -rsh=/usr/bin/ssh --delete > 123.123.123:test/ /home/test2 > > but it said > receiving file list ... > link_stat /test : No such file or directoryWhen you use SSH, the path on the remote host is interpreted relative to the home directory of the user as whom you are SSH-ing into the host. It looks like the remote user has a home directory of / .> And it seems the remote host does not need rsync to be > run in daemon and rsync with ssh, I can put any path of remotehost > > Am I right ?Yes! This is the awesome thing about rsync! It dovetails with ssh to provide a powerful, efficient, Internet-transparent copy command. -- Matt McCutchen, ``hashproduct'' hashproduct@verizon.net -- http://mysite.verizon.net/hashproduct/
On Mon, Oct 24, 2005 at 07:58:04AM +0800, Adrian Mak wrote:> but it seems that rsync sending plain password for the user test and > the contents too.This is taken directly from the rsyncd.conf manpage: The authentication protocol used in rsync is a 128 bit MD4 based challenge response system. Although I believe that no one has ever demonstrated a brute-force break of this sort of system you should realize that this is not a "military strength" authentication system. It should be good enough for most purposes but if you want really top quality security then I recommend that you run rsync over ssh. Also note that the rsync daemon protocol does not currently provide any encryption of the data that is transferred over the connection. Only authentication is provided. Use ssh as the transport if you want encryption. So, no, the password is not sent in plain-text over the socket.> 123.123.123:test/ /home/test2When using ssh, the current directory defaults to the login user's home dir, so that's lookin for a "test" dir in (I assume) /home/test. ..wayne..