Re: mirroring policy

To: Jason Gunthorpe <jgg@gpu.srv.ualberta.ca>
Cc: "James A.Treacy" <treacy@debian.org>, debian-devel <debian-devel@lists.debian.org>
Subject: Re: mirroring policy
From: Philip Hands <phil@hands.com>
Date: Fri, 12 Jun 1998 07:09:44 +0100
Message-id: <[🔎] 3064.897631784@hands.com>
In-reply-to: Your message of "Thu, 11 Jun 1998 19:52:47 MDT." <[🔎] Pine.LNX.3.96.980611194806.4836H-100000@Wakko.ualberta.ca>

> Lets ask Andrew to add CHAP like authentication - that will clear my
> complaints. I don't like the idea of IP based authentication, it is weak
> and it is a pain to admin.

Too late --- he's already added it :-)

In the /etc/rsyncd.conf file on the target, you need something like this:

  [debian-push]
     path = /mirror/debian
     comment = Debian Push Mirror Access (requires authentication)
     auth users = debiansama
     gid = debmirror
     read only = false
     secrets file = /etc/rsyncd.debian.secrets

with a /etc/rsyncd.debian.secrets something like:

       debiansama:masterpassword

Then on master, you would run something like:

RSYNC_PASSWORD=masterpassword \
 rsync -av --delete /debian2/debian/ debiansama@target.host.com::debian-push/

Obviously, having the passwords in the script is a security problem, but 
anyone with root access to master is probably going to be able to get round 
any other approach.

Cheers, Phil.



--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: mirroring policy
  - From: Jason Gunthorpe <jgg@gpu.srv.ualberta.ca>

Prev by Date: Re: Propersel for standerd configuration system.
Next by Date: Intent to package: ud
Previous by thread: Re: mirroring policy
Next by thread: Re: mirroring policy
Index(es):
- Date
- Thread