From owner-freebsd-questions@FreeBSD.ORG Mon Oct 27 12:07:37 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4EAF916A4B3 for ; Mon, 27 Oct 2003 12:07:37 -0800 (PST) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF36543FDD for ; Mon, 27 Oct 2003 12:07:33 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h9RK7NDK026073 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 27 Oct 2003 20:07:28 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)id h9RK7M7X026072; Mon, 27 Oct 2003 20:07:22 GMT (envelope-from matthew) Date: Mon, 27 Oct 2003 20:07:22 +0000 From: Matthew Seaman To: Gary Kline Message-ID: <20031027200722.GA25814@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Gary Kline , FreeBSD Mailing List References: <20031027185625.GA97440@tao.thought.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="IJpNTDwzlM2Ie8A6" Content-Disposition: inline In-Reply-To: <20031027185625.GA97440@tao.thought.org> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-4.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.60 X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on happy-idiot-talk.infracaninophile.co.uk cc: FreeBSD Mailing List Subject: Re: synchronization utility (! using ssh) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Oct 2003 20:07:37 -0000 --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 27, 2003 at 10:56:25AM -0800, Gary Kline wrote: > Wasn't there/isn't there a remote sync utility that you > could use without ssh. You had, perhaps optionally, a list=20 > of directories (andor files) and the utility copied=20 > only changed files from machine A to :B? I use ssh, > and have a pretty good firewall set up on my DNS server. > Just wondering if some of this isn't overkill... and=20 > trying to remember the utility. Was it rsync after all? rsync(1), rdist(1), even tar(1) all can be used with alternatives to ssh in order to copy files to a remote machine. The question is "why would you want to?" Basically, if you aren't using ssh(1), then you're using rsh(1) which is an archaic protocol; a security incident waiting to happen and something you don't admit to using in polite company. I could mention rexec here, but this is a family mailing list and inappropriate for the sort of invective I would feel obliged to heap upon it. ssh(1) is only overkill until you realise exactly what you are laying yourself open to by not using it. Even inside a protected network, get into the habit of using it: it doesn't take much to accidentally end up using an inferior, insecure alternative to external destinations. Plus ssh(1) has other advantages like correctly returning the exit status of remote commands, being able to use key based authentication, X11 display forwarding and ssh-agent forwarding. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --IJpNTDwzlM2Ie8A6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/nXr6dtESqEQa7a0RAvE7AJ0RJgBqeNktVKCpp/n6zbK++hgjWQCgmceK oFzdIf5M9j2RbNm25ixdnng= =Zm7u -----END PGP SIGNATURE----- --IJpNTDwzlM2Ie8A6--