# [SOLVED] emerge --sync security

## litan

Hello,

I did my best to search for this topic in the forum and on the web but didn't find anything.

As far as I understand, emerge --sync uses the plain rsync protocol in the background, which provides neither encryption nor authentication. Is this correct?

If so, wouldn't that mean that anyone controlling a machine between my gateway and the portage mirror can easily pull off a MITM and push to my portage tree any forged ebuild he wants?

Doesn't it also mean that if my DNS is manipulated, emerge will happily connect to any other rsync server?

Or am I missing something?

Don't worry, I am using emerge-webrsync with signature verification all along, but since a lot of Gentoo users seem to use rsync, this question bugs me.

Also all howtos about setting up a portage mirror only explain rsync.

Last edited by litan on Sat Jan 18, 2014 6:09 pm; edited 2 times in total

----------

## NeddySeagoon

litan,

That's correct, the payload could be delivered in a /files directory as a patch. Tree signing is coming soon.

----------

## litan

NeddySeagoon, thank you very much for your answer.

Then I will stick with emerge-webrsync and am looking forward to the tree signing.

Seems like some Manifest files are already signed.

I believe it is secure to download distfiles over an insecure connection or from an untrusted source, if I have a trusted portage tree, because of the hashes, right?

Don't know if it belongs in this thread, but since it is somewhat related to the topic, incidentally the following just happened to me (first time ever):

```
# emerge -S whirlpool
Searching...   | * Digest verification failed:
 * /usr/portage/dev-perl/perl-ldap/perl-ldap-0.570.0.ebuild
 * Reason: Failed on SHA256 verification
 * Got: 9a5115ebaebd8ff18b37fe736207cb668f10d4d189cb3b4719d462efcce7815e
 * Expected: 59b8bd21579f2e8241651301846ec0e32ca9a6adc3dc4940fccdafccfb3c378b
```

This happens only in one of my Gentoo installations, but I always used emerge-webrsync, I'm pretty sure.

Any ideas what that could mean? A search only brought up a bug with pycrypto, which was fixed years ago.

----------
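The point raised above, that a trusted Manifest lets distfiles be fetched from any mirror and still be checked, as an added example (it is not code from the thread or from Portage): a minimal checker for Manifest `DIST`-style lines that reports size and digest mismatches the way the emerge output above does. The filename, file contents and Manifest entry are constructed for the demo; the `WHIRLPOOL` value is a placeholder to show how an algorithm the checker cannot compute is skipped.

```python
"""Verify a distfile against a Gentoo-style Manifest entry (added example).

Manifest lines have the form:
    DIST <filename> <size> <ALGO> <hexdigest> [<ALGO> <hexdigest> ...]
"""
import hashlib

# Algorithms this checker can compute; any other algorithm named in the
# Manifest is skipped (Portage has its own backends for e.g. WHIRLPOOL).
SUPPORTED = {"SHA256": "sha256", "SHA512": "sha512", "BLAKE2B": "blake2b"}


def parse_manifest(text):
    """Return {filename: (size, {ALGO: hexdigest})} for DIST/EBUILD/MISC/AUX lines."""
    entries = {}
    for line in text.splitlines():
        parts = line.split()
        # Skip comments, signature blocks and malformed lines.
        if len(parts) < 5 or parts[0] not in ("DIST", "EBUILD", "MISC", "AUX"):
            continue
        name, size = parts[1], int(parts[2])
        digests = dict(zip(parts[3::2], (h.lower() for h in parts[4::2])))
        entries[name] = (size, digests)
    return entries


def verify(data, name, entries):
    """Check size and every supported digest; return (ok, list_of_reasons)."""
    if name not in entries:
        return False, ["no Manifest entry for %s" % name]
    size, digests = entries[name]
    reasons = []
    if len(data) != size:
        reasons.append("size: got %d, expected %d" % (len(data), size))
    checked = 0
    for algo, expected in digests.items():
        if algo not in SUPPORTED:
            continue
        got = hashlib.new(SUPPORTED[algo], data).hexdigest()
        checked += 1
        if got != expected:
            reasons.append("Failed on %s verification: got %s, expected %s" % (algo, got, expected))
    if checked == 0:
        # A file we cannot verify must not pass silently.
        reasons.append("no supported digest to verify")
    return not reasons, reasons


# Constructed sample: the "trusted tree" entry for a made-up distfile.
SAMPLE_DATA = b"constructed distfile contents\n"
SAMPLE_MANIFEST = "DIST sample-1.0.tar.gz %d SHA256 %s SHA512 %s WHIRLPOOL %s\n" % (
    len(SAMPLE_DATA), hashlib.sha256(SAMPLE_DATA).hexdigest(),
    hashlib.sha512(SAMPLE_DATA).hexdigest(), "0" * 128)  # WHIRLPOOL: placeholder
```

Feed `verify()` the bytes downloaded from an untrusted mirror and the entries parsed from the Manifest in your trusted tree; a tampered or truncated download fails on size and on every supported digest.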

## NeddySeagoon

litan,

Syncs are not atomic. It's possible you have a mix of old bits and new bits.

A new sync should fix it.

----------

## litan

I see, you mean the sync was interrupted at that point.

Yes, a new sync fixed it.

Thank you for enlightening me. :)

----------

