OpenMacNews
2005-Oct-29 18:10 UTC
how to restrict rscync to ONLY use ssh-pubkey transport & auth?
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 hi all, i have two OSX boxes set up for ssh via pubkey auth only. i'm setting up rsync comms for the first time. i have rsyncd running on box A. no-auth rsync from box B to/from box A's rsyncd works as expected. rsync@B to/from rsyncd@A using pubkey-auth'd-ssh trasport: rsync --verbose --stats --recursive -e "ssh -F $MY_SSH_CONF -l $MY_USER" /path_to_src_dir/* BOX_A_FQDN::targetdir ALSO works as expected. i've easily managed to turn connection/sync-ing ON. so, how do i turn specific access types OFF? specifically, i'd like to limit rsync to ONLY allow the pubkey+ssh transport, and NOT any other channel? high odds are that an option in rsyncd.conf already exists ... question is which one/combo? just not clear 2 me at the moment :-/ thx! richard - -- /"\ \ / ASCII Ribbon Campaign X against HTML email, vCards / \ & micro$oft attachments [GPG] OpenMacNews at gmail dot com fingerprint: 780A 5C81 D446 C616 B113 AA3A 9BF4 3736 88A5 678E -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (Darwin) iEYEAREDAAYFAkNjuXQACgkQm/Q3NoilZ44N6gCcDL3w4zDVcTDT/EbfpGoUtQDN NqsAniTOL2ne7QUeJ+ukn/sqaATfhMer =bSgF -----END PGP SIGNATURE-----
Bob Hutchinson
2005-Oct-30 18:03 UTC
how to restrict rscync to ONLY use ssh-pubkey transport & auth?
On Saturday 29 Oct 2005 19:03, OpenMacNews wrote:> hi all, > > i have two OSX boxes set up for ssh via pubkey auth only. > > i'm setting up rsync comms for the first time. > > i have rsyncd running on box A. > > no-auth rsync from box B to/from box A's rsyncd works as expected. > > rsync@B to/from rsyncd@A using pubkey-auth'd-ssh trasport: > > rsync --verbose --stats --recursive -e "ssh -F $MY_SSH_CONF -l $MY_USER" > /path_to_src_dir/* BOX_A_FQDN::targetdir > > ALSO works as expected. > > i've easily managed to turn connection/sync-ing ON. so, how do i turn > specific access types OFF? > > specifically, i'd like to limit rsync to ONLY allow the pubkey+ssh > transport, and NOT any other channel?sounds like a ssh configuration issue to me don't know where that is configured on macs, but under linux/openssh it is in /etc/ssh/sshd_config HTH -- ----------------- Bob Hutchinson Midwales dot com -----------------