On Fri, Dec 21, 2001 at 09:58:40AM +1100, Tim Potter wrote: > On Thu, Dec 20, 2001 at 04:45:52PM -0600, Dave Dykstra wrote: > > > > Does running rsync in daemon mode on the remote host preclude the need > > > to use SSH from the client? If so, how secure is this versus using rsync > > > in non daemon mode with SSH? I have considered building SSH to not use > > > encryption, but I was thinking rsync in daemon mode might obviate the > > > need to have to use SSH if it can still be made secure. > > > > Unfortunately, the answer is no. The rsync daemon can protect access with > > passwords that are not sent in the clear over the network, but it does not > > do anything to guarantee that hosts are not being spoofed and that there's > > no man-in-the-middle. The answer for people who use that has always been > > to use ssh.
In re-reading my answer I see there are a couple slightly confusing things. For one thing, I meant 'people who need that', not 'people who use that'. Also by "can protect access with passwords that are not sent in the clear" I meant that the rsync daemon passwords are never sent in the clear, they are used for a challenge-response protocol. > Wow - three slightly different answers. (-: You make a good point with > the host authentication property of ssh. Yes, that was pretty funny that they all came about the same time. The answer that said the passwords were sent in the clear was incorrect, though, and host authentication is vital. Rsync has no way at all for the client to know it's talking to the real server, and the password authentication is not enough to assure the server that it's talking to the real client. The password seems like it could guarantee to the server that it's talking to the real client, but that's not so because there are no integrity checks on the data that is passed back and forth after the initial authentication, so if somebody hijacks the session or is a man-in-the-middle they can do whatever they want after the real client authenticates. - Dave Dykstra
