Re: Problems using rssh with rsync
Brought to you by:
xystrus
From: Russ A. <rr...@st...> - 2013-09-24 19:46:30
|
Andrew Daviel <ad...@tr...> writes: > We have a server with rssh-2.2.3 on CentOS 3, and tried connecting with > rsync-3.0.6 from CentOS 5. > I get "insecure -e option not allowed". > When I look a the source for rsync, I find it's adding "-e.s" for some > reason but I can fix that by using --protocol=26. > I tried building the current version of rssh (2.3.4-1) thinking that maybe > the problem was fixed. But it's actually worse. > I don't know why rsync is sending "--sender" etc., but it's the standard > RedHat version of rsync. I'm guessing that rssh is not parsing long options > properly and is just finding 'e' in --server. > Seeing as rsync is one of the documented commands that works with rssh, > I'm wondering what's going on. I see that Sourceforge has completely broken their mailing list archives so that you can't retrieve the content of previous list messages or I would point you at the previous discussion of this. You need patches in order to work with the latest rsync. They reused the -e option in a very unfortunate way to specify protocol information, and it's quite tricky to ensure that the running command is still secure. Debian (and I believe some others) are using the attached, which is against 2.3.4. (I would point you to the Debian patch tracker, but it's down at the moment; the link at: http://patch-tracker.debian.org/package/rssh/2.3.3-6 has the patch set against 2.3.3, which includes the security fix in 2.3.4, but that's not as clean as the patches based on 2.3.4 directly.) -- Russ Allbery (rr...@st...) <http://www.eyrie.org/~eagle/> |