Cyrus backup: is traffic from master to backup server encrypted?
Deborah Pickett
debbiep at polyfoam.com.au
Sun Nov 10 22:25:31 EST 2019
Answering my own question:
>
> ... or do I need to establish my own SSH tunnel from master to backup
> server?
>
I do have to supply my own tunnel. The Cyrus backup daemon currently
(3.1.7) doesn't support the STARTTLS command.
if (!strcmp(cmd.s, "Starttls") && tls_enabled()) {
prot_printf(backupd_out, "NO command not implemented\r\n");
eatline(backupd_in, c);
continue;
}
Source:
https://github.com/cyrusimap/cyrus-imapd/blob/master/backup/backupd.c#L715
Patrick: you are running the Cyrus sync server on port 2005, which does
support TLS. That's not the same as the backup server (at least in the
3.x.x tree). Note the difference in the OK line from the server.
--
*Deborah Pickett*
System Administrator
*Polyfoam Australia Pty Ltd*
More information about the Info-cyrus
mailing list