On Thu, Dec 20, 2001 at 04:45:52PM -0600, Dave Dykstra wrote: > > Does running rsync in daemon mode on the remote host preclude the need > > to use SSH from the client? If so, how secure is this versus using rsync > > in non daemon mode with SSH? I have considered building SSH to not use > > encryption, but I was thinking rsync in daemon mode might obviate the > > need to have to use SSH if it can still be made secure. > > Unfortunately, the answer is no. The rsync daemon can protect access with > passwords that are not sent in the clear over the network, but it does not > do anything to guarantee that hosts are not being spoofed and that there's > no man-in-the-middle. The answer for people who use that has always been > to use ssh.
Wow - three slightly different answers. (-: You make a good point with the host authentication property of ssh. Tim.
