4
1
I don't know much about the specifics of rsync, SSH, stunnel, etc, but I'm looking for a way to make rsync backups, but the transfer of data over the network must be encrypted (the credentials, and the data itself). It looks like I have 2 options (do I have more?):
- rsyncd + stunnel: Run an rsync daemon on the remote machine, and set up stunnel to encrypt the communication between them (where stunnel is necessary because rsyncd by itself has no encryption)
- rsync over SSH: Just use the regular rsync command and set SSH as the remote shell, to encrypt communcation.
What are the pros and cons of each of these approaches from the perspectives of security, speed, efficiency, ease of administration, etc?
Generally speaking: 1. It is more difficult to administrate more things as well as providing more things to break and or provide a larger attack area; also 2. Encryption strength vs speed will be inversely related. – Keith Reynolds – 2016-09-27T22:33:51.097