From: "Paul Smedley" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 661865 for ecs-isp@2rosenthals.com; Mon, 06 Apr 2020 17:29:20 -0400 Received: from [192.168.200.201] (port=58024 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1jLZIu-0000tZ-27 for ecs-isp@2rosenthals.com; Mon, 06 Apr 2020 17:29:12 -0400 Received: from mail-pf1-f179.google.com ([209.85.210.179]:44716) by mail2.2rosenthals.com with esmtps (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1jLZE7-0004lC-2n for ecs-isp@2rosenthals.com; Mon, 06 Apr 2020 17:24:15 -0400 Received: by mail-pf1-f179.google.com with SMTP id b72so8216489pfb.11 for ; Mon, 06 Apr 2020 14:24:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=smedley-id-au.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=OBIxthY8dBN348Ea0xrvn3l8WdQyJpE5elivZuvPvrg=; b=SQMZWnqoD5BWgEYWDvydPrp2zPl7OMs7oMeR4YCgZ8zkULAsNXJezQyj1acWIZ3lGF qH/CAWDN0nRJ8DAbWGdVBVFyHXBRIqvOIJeT30pJLKJs03h657DjzcnNHPZ0YNXfNxLC 4hs1b2y388KCvCRG5kCgXu7qaaJWPFjCzOgSJXibrwCvZqWGSA3JAV5u1L+hOG5YfDzq JgwKYPPh/si2OU6wMcvGXnHYcMGMlAKSUndrn9YIUB5asL66rZLzKZDZoqe5O/lFISjL 2pVXfIdo+Js1Gfw2x07rTjtvnMx9e5rJs4rxbafXWyP8locTZhqzUj5OYd38x1ZkKjr1 yPLA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=OBIxthY8dBN348Ea0xrvn3l8WdQyJpE5elivZuvPvrg=; b=VP6gtkyO8MOoauSl2hDm3LOZ1KYqyI6ozjZZbAkZorEdfKxz8Cmr8V3EGoRXQ9JOQn j/Zph6xdu8pVgHnZ+HjBU5uzbRi8ZK6xCDQHs0cY1jVCy2uPycFz3/63ZLAop7EV2leC QCjNYsAaidldJw45Q7Xcz715LWINmtRJ7hR5FolSdDhx8Rh1dcPgxX3NxG/wcmZdgsii hiULeEF8yikeU5b8JL+o57fbZyeUuBJ04TSQEy2Dgkz9rETIhSsQ0Ki6kwEQ3k8oUmJq tzkBQ7IfePPdUCvTl1rlD6+P84kTF+M6mS0GWI0KlkkEJdE5IzF7AOEN6b+9mQvGi3Oz H6KA== X-Gm-Message-State: AGi0PubuHzSE0V7AT9giwKxMb+w4Vm1Zv+nb1F1teeXhwIwlH6i5871a kXkoTkDGMxjY37XOtjZQyRLKXvnyETg8Yg== X-Google-Smtp-Source: APiQypKd95CKbpgoaWeAs8JSRXnIwd6nQu3s+aIW6QKmmT6bDCFOuzRk2AA+7+SDD9RePul8u+j3zA== X-Received: by 2002:a63:2b0b:: with SMTP id r11mr1005199pgr.129.1586208246445; Mon, 06 Apr 2020 14:24:06 -0700 (PDT) Return-Path: Received: from ?IPv6:2403:5800:5100:f00:3885:607f:111e:9949? (2403-5800-5100-f00-3885-607f-111e-9949.ip6.aussiebb.net. [2403:5800:5100:f00:3885:607f:111e:9949]) by smtp.gmail.com with ESMTPSA id 189sm12249719pfg.170.2020.04.06.14.24.04 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 06 Apr 2020 14:24:05 -0700 (PDT) Subject: Re: [eCS-ISP] SSH for OS/2 To: eCS ISP Mailing List References: Message-ID: <869ea7ef-2715-f374-d4fb-28d889f82455@smedley.id.au> Date: Tue, 7 Apr 2020 06:54:02 +0930 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Hey Steven, On 7/4/20 5:50 am, Steven Levine wrote: > In , on 04/06/20 > at 09:00 PM, "Ian Manners" said: > > Last time I tested rsync over ssh, it did not work. Dave Saville and I > were working on an updated ssh distro that would resolve this at the time > of his passing. > > What will work just fine is rsync via stunnel. For security configure > stunnel to do level 3 verification on the SSL cert presented by the > client. This is how I access several of the servers I manage. > > What might work, is rsync via ssh port forwarding, although I've not > tested this. This is as secure as the ssh connnection. The other option could be firewall rules, that only allow access to that port from specific IP addresses? (assuming the source of the rsync address is on a static IP). Cheers, Paul -- This email was Anti Virus checked by Astaro Security Gateway. http://www.sophos.com