author | Wayne Davison <wayned@samba.org> | 2005-12-14 22:14:26 +0000 |
---|---|---|
committer | Wayne Davison <wayned@samba.org> | 2005-12-14 22:14:26 +0000 |
commit | 2b7e12924d91ce2470b0fefb20fe409ce090b3e7 (patch) | |
tree | e3fbf0358d28131612870fdd6f9c98ea73b629c1 /rsyncd.conf.yo | |
parent | 82f0c63e8a94fc095d9b9507ad963a411625a0c7 (diff) | |
Mention that the MD4 password protection is weaker than
previously thought.
Diffstat (limited to 'rsyncd.conf.yo')
-rw-r--r-- | rsyncd.conf.yo | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index 4186ad4d..3b05a3e2 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -485,11 +485,11 @@ enddit() manpagesection(AUTHENTICATION STRENGTH) The authentication protocol used in rsync is a 128 bit MD4 based -challenge response system. Although I believe that no one has ever -demonstrated a brute-force break of this sort of system you should -realize that this is not a "military strength" authentication system. -It should be good enough for most purposes but if you want really top -quality security then I recommend that you run rsync over ssh. +challenge response system. This is fairly weak protection, though (with +at least one brute-force hash-finding algorithm publicly available), so +if you want really top-quality security, then I recommend that you run +rsync over ssh. (Yes, a future version of rsync will switch over to a +stronger hashing method.) Also note that the rsync daemon protocol does not currently provide any encryption of the data that is transferred over the connection. Only |
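Review bot: In the rewritten AUTHENTICATION STRENGTH paragraph, the parenthetical "with at least one brute-force hash-finding algorithm publicly available" is too vague for a man page. It does not say what the algorithm finds (a colliding input, or the password behind an observed challenge response), so an operator cannot judge what the weakness means for a daemon protected only by this scheme. Suggest stating the practical consequence in one clause next to the existing recommendation to run rsync over ssh. The closing "(Yes, a future version of rsync will switch over to a stronger hashing method.)" is a promise with no version attached and will go stale in the manual; drop it or reword it as a statement about the current release. The "though" after "fairly weak protection" has nothing to contrast with now that the old "Although I believe..." sentence is removed, and can go.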