gabriel rosenkoetter on 17 Nov 2006 01:35:55 -0000



Re: [PLUG] rsync


On Thu, Nov 16, 2006 at 04:44:36PM -0800, Marc Zucchelli wrote:
> For example, I successfully backed up a directory from one host
> to another using rsync over ssh, and the rsync daemon was not
> running.

Great, you're done. Script it, schedule it, walk away.

You may find that you'll be interested in null-passphrase SSH PKI
keys for root, and associated "only execute this command" settings
in ~root/.ssh/authorized_keys, but the rsync part of your problem is
done.

> What is the point of the rsync daemon?

It's for people who are justifiably uncomfortable with rlogin, but
who are equally wary of adding a login vector to their systems by
way of SSH. It's a bit outdated, especially on OSS operating
systems, but it still makes some sort of sense in some closed
networks using some commercial Unix-like operating systems, and
relying on some details of those OSes' PAM authentication (think
hitting Active Directory for authentication, via CIFS or Kerberos).
Even there, they should just buck up and accept that the SSH
protocol and OpenSSH daemons have had sufficient peer review at
this point, and that there are established and accepted methods to
configure those with all major vendors' PAM implementations, but
their stance is not without reason, especially if they're using
older OS major versions.

> Can I run a backup using the daemon over ssh?

Yep. Silly question. You just did. :^>

> Is there a point?

Assuming you mean, "... to the rsync daemon": probably not for your
usage case.

> I am not seeing the purpose of the daemon, but all of the HOWTO's
> seem to mention it.

Mostly because it exists and people did put a non-trivial amount of
time into writing it.

I've forgotten whether there's a noticeable benefit, speed-wise, in
running the rsync daemon over a connection whose privacy is protected
separately (by tcp_wrappers, by SSL, by hardware-based IPSEC, etc),
but common sense suggests that it would, but the benefit would be
negligible over a LAN, as distinct from WAN, link.

-- 
gabriel rosenkoetter
gr@eclipsed.net
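
Added example, not part of the original message: one way to set up the "only execute this command" restriction mentioned above for a passphrase-less backup key, using an OpenSSH forced command. The script path, the /srv/backup root and the push-only direction are assumptions; the key material is a placeholder.

```shell
#!/bin/sh
# Added example (not from the original message): forced-command wrapper for a
# passphrase-less backup key. Install path and backup root are assumptions.
#
# ~root/.ssh/authorized_keys entry, one line, key material is a placeholder:
#   command="/usr/local/sbin/rsync-only.sh",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa <PUBLIC-KEY> backup@client

ALLOWED_ROOT="/srv/backup"   # assumption: only tree the key may write into

# check_rsync_cmd CMD: return 0 only for an rsync server-side receive
# into ALLOWED_ROOT; anything else returns 1.
check_rsync_cmd() {
    cmd=$1
    # Whitelist characters: no quotes, semicolons, pipes, $(), globs or newlines.
    case $cmd in
        *[!A-Za-z0-9\ ._/,=-]*) return 1 ;;
    esac
    # Must be what the rsync client asks sshd to run on the remote side.
    case $cmd in
        "rsync --server "*) ;;
        *) return 1 ;;
    esac
    # --sender means the remote side reads files out; this key is write-only.
    case $cmd in
        *" --sender "*) return 1 ;;
    esac
    # The destination is the last word (paths with spaces are not supported).
    path=${cmd##* }
    case $path in
        *..*) return 1 ;;
        "$ALLOWED_ROOT"/*) return 0 ;;
    esac
    return 1
}

# sshd puts the client's requested command in SSH_ORIGINAL_COMMAND.
# When it is empty (a plain login attempt) the script just ends: no shell.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    if check_rsync_cmd "$SSH_ORIGINAL_COMMAND"; then
        set -f                       # no globbing during word splitting
        exec $SSH_ORIGINAL_COMMAND   # word-split only, never eval'd
    fi
    logger -p auth.warning -t rsync-only "denied: $SSH_ORIGINAL_COMMAND"
    exit 1
fi
```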


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
