On Wed, 1 Nov 2000, David Cantrell wrote:
> Rsync access has been reopened. The password for the private beta-tester
> only rsync server is:
Cool. I was gonna suggest this before, but: what do you think of
setting up ssh as the rsync transport, and taking ssh authorized_keys
from the testers, setting them up to only be able to run the forced
command="rsync -some -options" ? You could further request that we tell
you the networks we'd come from (in my case that'd suck, because I can
be anywhere in two different class B's...). Then the transfers would be
more secure in general, and it'd be a *lot* harder for access-credentials
to "leak," even accidentally, and you'd be able to tell whose creds were
compromised.
/me removes security-paranoid hat
Hank
This archive was generated by hypermail 2b30 : Thu Sep 19 2002 - 11:00:02 PDT