The man page says:

       --password-file
              This option allows you to provide a password in a file for accessing an rsync daemon. The file must not be world readable.
              It should contain just the password as a single line.


The trouble with this is that the file then shows up like this in an ls:

2 -rw------- 1 root wheel 9 Jan 24 2007 /var/ rsync.passwd.server.mount
2 -rw------- 1 root wheel 11 Jun 30 2007 /var/ rsync.passwd.serv2.moun2
2 -rw------- 1 root wheel 10 Jul 14 2008 /var/ rsync.passwd.tuesday.mountie

This tells everyone the exact length of each password (8 characters, 10 characters, and 9 characters, respectively).

Granted, it's not MUCH of a security issue, and I guess the password-files can be stored somewhere out of reach, but it seems to me that it would be better if the password-file supported a format something like this:

## Rsync Password File
#
# updated 20090117

server::mount   password
serv2::moun2    password

# This server is only used on tuesdays
tue::mountie    password

## EOF

First off, it would let you have multiple passwords in a single file and second of all, it would completely conceal the lengths of each password. (or some other format, even htpasswd format)


--
The Salvation Army Band played and the children drunk
        lemonade and the morning lasted all day, all day.
        And through an open window came like Sinatra in a
        younger day pushing the town away

--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
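
An added example, not part of the original post and not rsync code: it shows how the size of a one-line password file gives away the password length, and sketches a reader for the multi-entry format proposed above. The format is the poster's proposal only; `lookup`, `write_private`, `demo` and all passwords are hypothetical or constructed for illustration.

```python
import os
import stat
import tempfile

# Constructed sample in the format proposed in the post; passwords are made up.
SAMPLE = """\
## Rsync Password File
# updated 20090117

server::mount   8charpwd
serv2::moun2    tencharpwd

# This server is only used on tuesdays
tue::mountie    ninechars
## EOF
"""

def leaked_length(path):
    """Length an observer infers from the size of a one-line password file."""
    return os.stat(path).st_size - 1  # size minus the trailing newline

def lookup(path, target):
    """Hypothetical reader: return the password for 'host::module', or None."""
    if os.stat(path).st_mode & stat.S_IROTH:
        raise PermissionError(f"{path} must not be world readable")
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            if not line or line.startswith("#"):
                continue  # blank line or comment
            fields = line.split(None, 1)
            if len(fields) == 2 and fields[0] == target:
                return fields[1]
    return None

def write_private(directory, name, text, mode=0o600):
    """Create a file with explicit permissions and return its path."""
    path = os.path.join(directory, name)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(text)
    os.chmod(path, mode)
    return path

def demo():
    with tempfile.TemporaryDirectory() as d:
        single = write_private(d, "rsync.passwd.server.mount", "8charpwd\n")
        multi = write_private(d, "rsync.passwd", SAMPLE)
        return leaked_length(single), os.stat(multi).st_size, lookup(multi, "tue::mountie")

if __name__ == "__main__":
    print(demo())
```

The size of the multi-entry file depends on every entry plus the comments, so a directory listing no longer maps to the length of any one password.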
