Why put that extra effort into rsync, if you can chain things together ? The power of unix is exactly that - it`s not about using specialiced tools, but it`s about combining them in innumerable ways, thus multiplying their capabilities.
>Another good reason for a SSL-version of rsync: non-Unix clients... Stunnel probably runs on as many platforms like rsync. https://www.stunnel.org/ports.html Besides that, mind that there is no usable native port of rsync on windows. (The cygwin based rsync is very slow, btw) I think stunnel even runs native on win32.(MinGW) I was hoping for ssl in rsync for long, but when i saw RsyncSSL, i think it could obsolete an rsync with compiled in ssl support. Nobdoy would have the idea to put ssh into rsync, rsync is just using that as a sub-process/pipe(and vice versa). So does RsyncSSL (with stunnel). On the server side, with rsync + ssh, the ssh daemon listens for incomming ssh connection and then starts rsync, connecting via stdin/stdout. Analogously, stunnel daemon listens for incoming ssl connection and then starts rsync(d) as a sub-process. The only difference is, that RsyncSSL adds some missing glue. >I'd love to see rsync-ssl (with the server having CRL support, client >cert support, and the client/server doing cert validation of course) as >for one thing I think it would make a damn fine laptop backup solution. It´s exactly what RsyncSSL can do for you. regards roland >List: rsync >Subject: Re: rsyncssl >From: Jason Haar <Jason_Haar () trimble ! com> >Date: 2013-02-04 2:45:47 >Message-ID: 510F20DB.7050003 () trimble ! com >[Download message RAW] > >Another good reason for a SSL-version of rsync: non-Unix clients... > >It's all well and good to talk about using vpns and ssh tunnels - but >the fact is that a large percentage of rsync clients are non-Unix - like >Windows - and getting them set up for ssh/etc is layering extra software >on top of rsync. I'm not saying it can't work - but it's not simple. > >I'd love to see rsync-ssl (with the server having CRL support, client >cert support, and the client/server doing cert validation of course) as >for one thing I think it would make a damn fine laptop backup solution. >I've run more than my share of Internet-facing services in my time and >the lowest maintenance ones are the SSL/TLS services that require client >certs. The bad guys cannot even "knock on the door"! > >An Internet-based rsync-ssl server that requires client certs would be >brilliant for backing up laptops over the Internet: an enterprise >competitor to all those cloudy services such as Dropbox/etc. :-) [well, >probably need that VSS patch for rsync-win32 too ;-)] > > >-- >Cheers > >Jason Haar >Information Security Manager, Trimble Navigation Ltd. >Phone: +1 408 481 8171 >PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
