Re: SSH & Rsync issues
On Sep 10, 2010, at 2:49 PM, Rob Owens wrote:
> On Fri, Sep 10, 2010 at 02:18:42PM -0400, Hal Vaughan wrote:
>> On Sep 10, 2010, at 1:36 PM, Rob Owens wrote:
>>> You should probably google "rsyncd encryption" and see what you can
>>> For the single-colon rsync, you don't need to specify --rsh=ssh. It is
>>> the default.
>> Yeah, but I don't want to set up user accounts on the host. For one thing, on my web hosting site, Westhost doesn't provide an easy way to add users, so I can't just add another easily. Everything in my system is automated so I can add a new client/user with a single command. It's a pain to have it all set up here then have to go to the web control panel on the website to add a user. When it's not automated, it's easy to forget a step of the process.
>> I've decided I'm going to encrypt the files locally, then send them up using rsync to an account that requires a password and the other system will download them THEN unencrypt them, so the files will be encrypted when sent over the Internet and stored there and only clear when they're on a local system.
> Just be careful. I think I recall reading that the rsyncd user/password
> is sent either cleartext or with not-too-difficult-to-crack encryption.
> Here is a fairly old writeup on using rsyncd with stunnel. Maybe it
> will be helpful.
Thanks for the tip and the info on stunnel!