Michael Sternberg wrote:
> Just wondering how the rsync+ssh combination is working.
> Is it safe from a security point of view?
> What overhead does it introduce - is it quick enough?

It works perfectly. In regard to security, in terms of the data passed
it's as secure as ssh, but there's a catch: because of the rsync
algorithm, the timing of packets can reveal some information about the
stuff being sent. For instance, if you're syncing a single large file
that had few changes since the previous sync, an eavesdropper can learn
the size of the file and the approximate *location* of the changes.  If
the eavesdropper happens to have an older version of the file, or knows
some partial information about its content (easy if it's the output of
'tar cf /', for instance), then additional information is being leaked.

That said, for reasonably sensitive data and reasonably eager
adversaries, rsync+ssh is definitely good enough.

   Eran
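
Added example, not part of the message above: a simplified model of rsync's delta encoding that shows what the sequence of token lengths alone tells an observer of the encrypted stream, with a whole-file transfer for comparison. The block size, token sizes, the assumption that each token is separately observable, and the use of SHA-256 at every offset in place of rsync's rolling checksum are all assumptions of this sketch.

```python
import hashlib
import random

BLOCK = 1024        # assumed block size; real rsync chooses it per file
MATCH_TOKEN = 4     # assumed wire size of a "reuse block N" token
LITERAL_HDR = 4     # assumed header size in front of a run of literal bytes

def delta_wire_sizes(old, new, whole_file=False):
    """Ordered sizes of the tokens the sender emits (simplified model)."""
    if whole_file:                      # delta algorithm disabled
        return [LITERAL_HDR + len(new)]
    # Receiver's signatures: one strong hash per aligned block of the old file.
    sigs = {hashlib.sha256(old[i:i + BLOCK]).digest()
            for i in range(0, len(old) - BLOCK + 1, BLOCK)}
    sizes, literal, i = [], 0, 0
    while i < len(new):
        window = new[i:i + BLOCK]
        if len(window) == BLOCK and hashlib.sha256(window).digest() in sigs:
            if literal:                 # flush pending literal run first
                sizes.append(LITERAL_HDR + literal)
                literal = 0
            sizes.append(MATCH_TOKEN)   # block already present on receiver
            i += BLOCK
        else:
            literal += 1                # byte must be sent verbatim
            i += 1
    if literal:
        sizes.append(LITERAL_HDR + literal)
    return sizes

def observer_view(sizes):
    """Infer (file size, [(offset, length) of changed runs]) from lengths only."""
    offset, changed = 0, []
    for s in sizes:
        if s == MATCH_TOKEN:
            offset += BLOCK
        else:
            changed.append((offset, s - LITERAL_HDR))
            offset += s - LITERAL_HDR
    return offset, changed

# Constructed sample: a 64 KiB file with 10 bytes overwritten at offset 20000.
rng = random.Random(1)
old = bytes(rng.getrandbits(8) for _ in range(64 * 1024))
new = old[:20000] + b"X" * 10 + old[20010:]

if __name__ == "__main__":
    print("delta:     ", observer_view(delta_wire_sizes(old, new)))
    print("whole file:", observer_view(delta_wire_sizes(old, new, whole_file=True)))
```

rsync's --whole-file option disables the delta algorithm, which removes the change-location pattern at the cost of resending everything; the file size is still visible either way.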

