On 27 Oct 2000, Dave Dykstra <[EMAIL PROTECTED]> wrote:

> There's been a lot of talk about incorporating openssl into rsync but
> it's never been done.

My previous message explains why it seems hard, but perhaps I've just
missed something.

> I'm actually much more interested in the active attack of DNS spoofing.
> Somebody said you can do that with openssl if you support host
> certificates, but I don't know much about how that works.

SSL as used in HTTPS gives this protection.

When the client connects, the server offers its certificate, which can
include a domain name or suffix pattern (e.g. *.linuxcare.com.au).
The client checks this against the forward and reverse DNS entries of
the server, and complains if they differ.

So, to set up a server you must generate a certificate containing the
name you claim to be.

But anybody can generate a certificate claiming to be rsync.samba.org,
and if they then take over samba.org the client will be fooled.  Up to
this point SSL and SSH are the same, but they have different solutions
from here.

SSH1 allows you to either transfer the certificate out-of-band
(e.g. by GPG-signed mail from the sysadmin) to the client's
known-hosts file, or to simply check that the certificate is the same
as last time.  The second, though not very secure, is easy to use and
works unless you happen to first connect when DNS spoofing is
underway.

SSL, on the other hand, requires that the certificate be signed by a
certification authority, who check that you really are the correct
owner of the domain.  SSL2 uses OpenPGP for certificates, so they can
be signed in a similar way.

So while SSL certification is more secure, it's also *much* more
hassle to set up.

> While you're looking into this stuff, please also check a message from
> over a year ago
> 
>     http://lists.samba.org/pipermail/rsync/1999-July/001250.html
> 
> in which Leif Johansson shows that he went through a lot of work to 
> incorporate sasl into rsync but nothing was ever done with it.

Thanks for the link.  I'll try the patch sometime and perhaps we can
merge it.

-- 
Martin Pool, Linuxcare, Inc.
+61 2 6262 8990
[EMAIL PROTECTED], http://www.linuxcare.com/
Linuxcare. Support for the revolution.
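
The two SSH1 host-key modes described in the message above (fingerprint delivered out-of-band versus "same as last time"), as an added example that is not part of the original post and is not rsync or SSH code. The `KnownHosts` class, the SHA-256 fingerprint and the key bytes are assumptions constructed for illustration.

```python
import hashlib
import hmac

HOST = "rsync.samba.org"                    # hostname used in the message
REAL_KEY = b"constructed-real-host-key"     # constructed sample key material
OTHER_KEY = b"constructed-other-host-key"   # constructed key of a different machine


def fingerprint(public_key: bytes) -> str:
    # Assumption: SHA-256 over the raw key bytes stands in for a key fingerprint.
    return hashlib.sha256(public_key).hexdigest()


class KnownHosts:
    """Hypothetical in-memory stand-in for a known-hosts file."""

    def __init__(self):
        self.pins = {}  # hostname -> pinned fingerprint

    def preload(self, host: str, fp: str) -> None:
        """Mode 1: fingerprint received out-of-band (e.g. signed mail)."""
        self.pins[host] = fp

    def check(self, host: str, presented_key: bytes) -> str:
        """Mode 2: compare the presented key with what was seen last time."""
        fp = fingerprint(presented_key)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = fp  # first contact: nothing to compare against
            return "pinned-on-first-use"
        return "match" if hmac.compare_digest(pinned, fp) else "REJECT-key-changed"


def run_scenarios() -> dict:
    out = {}
    kh = KnownHosts()                        # clean first connection
    out["first"] = kh.check(HOST, REAL_KEY)
    out["repeat"] = kh.check(HOST, REAL_KEY)
    out["changed_later"] = kh.check(HOST, OTHER_KEY)
    kh = KnownHosts()                        # DNS already spoofed on first connect
    out["spoofed_first"] = kh.check(HOST, OTHER_KEY)
    out["real_afterwards"] = kh.check(HOST, REAL_KEY)
    kh = KnownHosts()                        # fingerprint preloaded out-of-band
    kh.preload(HOST, fingerprint(REAL_KEY))
    out["spoofed_first_preloaded"] = kh.check(HOST, OTHER_KEY)
    return out


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:26} {verdict}")
```

The `spoofed_first` case shows the gap the message points out: with nothing pinned, the wrong key is accepted silently and the genuine server is the one rejected afterwards, while a preloaded fingerprint rejects the wrong key on the very first connection.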
