rsync - May 2026 - rsync readonly mode?

On Fri 10 Apr 2026, Kevin Korb via rsync wrote:
> 
> I didn't mean that almost nobody uses the read only option in
rsyncd.conf.
> I meant that almost nobody uses rsyncd at all.  Publishing publicly
> available read only repositories is one of the things it is still used for.
I use it extensively for backups in our "private cloud" network, and 
elsewhere, together with appropriate firewall rules.
I trust rsyncd with appropriate "hosts allow", "uid" and
"read only =
yes" in de modules definitions more than hoping that no one ever makes 
an error in locking down root ssh access.
> Rsync over ssh isn't just about encryption it is also about the far
superior
> authentication capabilities of ssh.  Like ssh keys. This is especially
> important when rsyncing as root for system backups.
FWIW the (admittedly) simplistic rsync authentication can add a bit more 
security to an rsyncd setup.


Paul

I disagree that "nobody uses rsyncd at all" unless you mean
specifically to exclude use of rsync in daemon mode over ssh transport or other
secure transport.  I've seen it used (and still see it used) many places,
and generally for the same reason - to enforce rsync configuration in a way the
client cannot override, while obtaining the markedly superior security
properties of SSH or TLS transport.  The typical patterns are either:

1) Force use of rsync as the user's login shell (note that OpenSSH
"ForceCommand" is not sufficient if the user has access to write the
underlying filesystem, as ForceCommand uses the login shell to execute the
command, and can be spoofed if the user can write the shell startup files).
2) Put rsync --daemon behind stunnel or similar TLS-speaking proxy that can do
the desired kind of authentication.

Thor

-----Original Message-----
From: rsync <rsync-bounces at lists.samba.org> On Behalf Of Paul Slootman
via rsync
Sent: Sunday, April 12, 2026 10:07 AM
To: rsync at lists.samba.org
Subject: Re: rsync readonly mode?

On Fri 10 Apr 2026, Kevin Korb via rsync wrote:
>
> I didn't mean that almost nobody uses the read only option in
rsyncd.conf.
> I meant that almost nobody uses rsyncd at all.  Publishing publicly
> available read only repositories is one of the things it is still used for.
I use it extensively for backups in our "private cloud" network, and
elsewhere, together with appropriate firewall rules.
I trust rsyncd with appropriate "hosts allow", "uid" and
"read only = yes" in de modules definitions more than hoping that no
one ever makes an error in locking down root ssh access.
> Rsync over ssh isn't just about encryption it is also about the far
> superior authentication capabilities of ssh.  Like ssh keys. This is
> especially important when rsyncing as root for system backups.
FWIW the (admittedly) simplistic rsync authentication can add a bit more
security to an rsyncd setup.


Paul

--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html