On 7/19/07, Matt McCutchen <[EMAIL PROTECTED]> wrote:
Notwithstanding that paragraph, if you forward a local port to the daemon's port, you're additionally in danger of others on the local machine piggybacking on that forward. Using a ProxyCommand in place of a port forward (see method 2 on http://rsync.samba.org/firewall.html ) doesn't have the piggybacking problem and also tends to be more convenient.
Oops, I realized that's not quite what I meant to say. The goal is not to set a ProxyCommand for ssh to *use* (as is the case when there are two ssh-es involved), but to set the equivalent of a proxy command for rsync to use, the command itself involving ssh. I described the two ways to do that at the end of this message: http://lists.samba.org/archive/rsync/2007-May/017793.html . Wayne, please consider mentioning one or both methods on http://rsync.samba.org/firewall.html . Matt -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html