X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/8f3a2d54a6d3ffa7eefa13478c67ccfa9a3df513..c6b81a9865b49f39f7d388ac64a8d74ce414081e:/rsyncd.conf.yo

diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo
index a7843670..9e9de5e7 100644
--- a/rsyncd.conf.yo
+++ b/rsyncd.conf.yo
@@ -91,6 +91,11 @@ support the "max connections" option. The rsync server uses record
 locking on this file to ensure that the max connections limit is not
 exceeded. The default is tt(/var/run/rsyncd.lock).
 
+dit(bf(log file)) The "log file" option tells the rsync daemon to log
+messages to that file rather than using syslog. This is particularly
+useful on systems (such as AIX) where syslog() doesn't work for
+chrooted programs like rsync.
+
 dit(bf(syslog facility)) The "syslog facility" option allows you to
 specify the syslog facility name to use when logging messages from the
 rsync server. You may use any standard syslog facility name which is
@@ -99,6 +104,13 @@ ftp, kern, lpr, mail, news, security, syslog, user, uucp, local0,
 local1, local2, local3, local4, local5, local6 and local7. The default
 is daemon. 
 
+dit(bf(socket options)) This option can provide endless fun for people
+who like to tune their systems to the utmost degree. You can set all
+sorts of socket options which may make transfers faster (or
+slower!). Read the man page for the setsockopt() system call for
+details on some of the options you may be able to set. By default no
+special socket options are set.
+
 enddit()
 
 
@@ -218,7 +230,7 @@ connect.
 
 The default is no "hosts allow" option, which means all hosts can connect.
 
-dit(bf(hosts allow)) The "hosts deny" option allows you to specify a
+dit(bf(hosts deny)) The "hosts deny" option allows you to specify a
 list of patterns that are matched against a connecting clients
 hostname and IP address. If the pattern matches then the connection is
 rejected. See the "hosts allow" option for more information.
@@ -227,6 +239,23 @@ The default is no "hosts deny" option, which means all hosts can connect.
 
 enddit()
 
+manpagesection(AUTHENTICATION STRENGTH)
+
+The authentication protocol used in rsync is a 128 bit MD4 based
+challenge response system. Although I believe that no one has ever
+demonstrated a brute-force break of this sort of system you should
+realise that this is not a "military strength" authentication system.
+It should be good enough for most purposes but if you want really top
+quality security then I recommend that you run rsync over ssh.
+
+Also note that the rsync server protocol does not currently provide any
+encryption of the data that is transferred over the link. Only
+authentication is provided. Use ssh as the transport if you want
+encryption.
+
+Future versions of rsync may support SSL for better authentication and
+encryption, but that is still being investigated.
+
 manpagesection(EXAMPLES)
 
 A simple rsyncd.conf file that allow anonymous rsync to a ftp area at