[TAG] Securing rsync

[mso@oz.net]

I'm trying to get rsync access to an OS X server with a paranoid sysadmin
who doesn't know much about Unix progams.  (He's a GUI kind of guy.)  He's
offered me FTP access to one directory but I'd really like to use rsync
due to its low-bandwidth nature and auto-delete feature (delete any file
at the destination that's been deleted at the source).  His main desire is
not to grant a general-purpose account on the server, so if I can convince
him that rsync+ssh can be configured to grant access only for rsync in
that directory, I may have a chance.  But since they're two separate
programs (as opposed to *ftpd and mysqld, which can have private password
lists for only their program), I'm not sure how to enforce that.  Would I
have to use rsyncd alone, which I guess means no encryption?  (Granted,
ftp has no encryption either, but I think he's just using that due to lack
of knowledge of alternatives.)

(And when is ssync going to arrive, to avoid this dual-program problem?)

-- 
-- Mike Orr <mso at oz.net>