Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Nick Cleaton via rsync
On Thu, 18 Feb 2021, 15:28 Karl O. Pinc via rsync, wrote: > > For some 15 years+ (?) I've had a /root/.ssh/authorized keys line > that starts with: > > "no-pty,no-agent-forwarding,no-port-forwarding,no-user-rc,no-X11-forwarding,command="rsync > --server --daemon ." > > Occasionally I frob the

Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Paul Slootman via rsync
On Thu 18 Feb 2021, Bri Hatch via rsync wrote: > > We use authprogs for more than just rsync though, and want more granularity > than rrsync can support. If you force rrsync for the ssh key via > command="rrsync" then that key may only be used to run rsync, you can't > also allow additional

Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Karl O. Pinc via rsync
On Thu, 18 Feb 2021 12:22:33 -0500 Kevin Korb via rsync wrote: > You should both look into rrsync. It comes with rsync and is designed > to do exactly this. I'm not really interested in restricting rsync to particular directories. That seems to be what rrsync is for, although it's a little

Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Bri Hatch via rsync
I'm aware of rrsync, and it works well for its use case. We use authprogs for more than just rsync though, and want more granularity than rrsync can support. If you force rrsync for the ssh key via command="rrsync" then that key may only be used to run rsync, you can't also allow additional

Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Kevin Korb via rsync
You should both look into rrsync. It comes with rsync and is designed to do exactly this. Unfortunately some Linux distros are maintained by insane people who install rrsync as if it was documentation (compressed and not executable) instead of a helper script which is what it is. On 2/18/21

Re: rsync support in authprogs - feedback requested

2021-02-18 Thread Karl O. Pinc via rsync
On Wed, 17 Feb 2021 21:52:06 -0800 Bri Hatch via rsync wrote: > I recently added initial rsync support to authprogs. > I'd be very interested in feedback For some 15 years+ (?) I've had a /root/.ssh/authorized keys line that starts with:

rsync support in authprogs - feedback requested

2021-02-17 Thread Bri Hatch via rsync
Authprogs is a general purpose SSH command authenticator; it allows you to restrict what commands are allowed for a given SSH key. It's installable via pip and is in recent Debian and Ubuntu. I recently added initial rsync support to authprogs. My goal is