Cyrus backup: is traffic from master to backup server encrypted?

Patrick Boutilier boutilpj at ednet.ns.ca
Fri Nov 8 06:35:59 EST 2019


Odd, works here.


telnet localhost 2005
Trying ::1...
Connected to localhost.
Escape character is '^]'.
* SASL PLAIN
* STARTTLS
* COMPRESS DEFLATE
* OK domain Cyrus sync server v2.4.20
STARTTLS
OK Begin TLS negotiation now




On 11/8/19 2:12 AM, Deborah Pickett wrote:
> ... or do I need to establish my own SSH tunnel from master to backup 
> server?
> 
> I've set up my dedicated Cyrus backup server with tls_server_cert and 
> tls_server_key, and when I connect to port 2005 I see that STARTTLS is 
> offered:
> 
> # nc localhost 2005
> * SASL PLAIN LOGIN DIGEST-MD5
> * STARTTLS
> * COMPRESS DEFLATE
> * OK rsync Cyrus backup server 3.0.11-Debian-3.0.11-1~bpo10+1
> STARTTLS
> NO command not implemented
> 
> But as shown, the STARTTLS command from the client is rejected.
> 
> I believe that DIGEST-MD5 gives me some level of privacy (sync_test 
> reports a security strength factor of 128) even without TLS?
> 
> -- 
> *Deborah Pickett*
> System Administrator
> *Polyfoam Australia Pty Ltd*
> 
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: boutilpj.vcf
Type: text/x-vcard
Size: 286 bytes
Desc: not available
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20191108/8a0a1ab4/attachment.vcf>


More information about the Info-cyrus mailing list