Timeline for Force Rsync Daemon Over SSH
Current License: CC BY-SA 4.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jul 24, 2022 at 15:32 | comment | added | Sotto Voce |
You can launch an rsyncd that listens on a port different from 873, and the client can connect to it using the normal :1234 suffix to the hostname in the URL. I've done it myself. There may not be much point in doing that for this question, but I wanted to point out that the rsync protocol on other ports is possible.
|
|
| Jul 24, 2022 at 14:08 | comment | added | Chris Davies |
@Time-Bandit don't change your firewall configuration. My solution will work just as is. Please try it! (You can test with --dry-run if you don't want to make any changes to the local target)
|
|
| Jul 24, 2022 at 13:25 | comment | added | user10489 |
I think the answer in this comment is correct. Don't use :: if you don't want to use port 873. Test by disabling the rsyncd service on port 873.
|
|
| Jul 24, 2022 at 13:15 | comment | added | Time-Bandit | @user10489 thanks I will adjust accordingly. You would happen to know why my original rsyncd over ssh isn't working according to docs? I would rather not open port 873 in my firewalls. | |
| Jul 24, 2022 at 12:56 | comment | added | Chris Davies | @user10489 absolutely. Please read my last paragraph for suggestions on handling this type of issue | |
| Jul 24, 2022 at 12:51 | comment | added | user10489 |
Using the --delete option in a command for backups will result in disaster next time the drive being backed up fails to mount or goes offline.
|
|
| Jul 24, 2022 at 12:04 | comment | added | Chris Davies |
rsyncd runs on port 873, so that's the port that needs to be proxied. If your server's rsyncd is running on a different port then change the number to match reality. It's accessed from the server itself, so there are no security issues there; and then everything is carried over the encrypted ssh channel back to your client
|
|
| Jul 24, 2022 at 12:02 | comment | added | Time-Bandit | thnx for the efforts. I previously read that solution on the man page and decided against it because it requires changes to my host (target) and source firewalls, security, etc. (port 873 -must- be used. I was actually hoping for some clarity as to why my chosen solution, which matches the man page "USING RSYNC-DAEMON FEATURES VIA A REMOTE-SHELL CONNECTION" simply is not working. | |
| Jul 24, 2022 at 10:26 | history | edited | Chris Davies | CC BY-SA 4.0 |
deleted 58 characters in body
|
| Jul 24, 2022 at 10:08 | comment | added | Chris Davies |
@Time-Bandit there you go. Access to rsyncd via a secure ssh channel
|
|
| Jul 24, 2022 at 10:07 | history | edited | Chris Davies | CC BY-SA 4.0 |
Access rsyncd service across ssh transport
|
| Jul 24, 2022 at 9:54 | comment | added | Chris Davies | "I absolutely want to use the rsync daemon over ssh rather than the normal rsync because of the resource benefits" that doesn't make sense (to me). The daemon is a system service. Rsync over ssh is a service that's invoked on demand. "I am trying to [...] connect [with ssh] with a non-root user, then have either the non-root user or root connect to rsyncd" - that's not what I understood from your question. I'll either suggest a duplicate or give you a solution for that | |
| Jul 24, 2022 at 9:50 | comment | added | Chris Davies |
"the -delete option did in fact delete a partial file that existed on target not on source" - The --delete option affects the target; the complementary --remove-source-files option turns rsync's effective action from "copy" to "move".
|
|
| Jul 24, 2022 at 8:43 | comment | added | Time-Bandit | I misspoke... the -delete option did in fact delete a partial file that existed on target not on source, but after a very very very long pause... (large file) it seems that rsync is respecting the --partial flag.... so your advice about removing --checksum and --append is dead on... thanks again | |
| Jul 24, 2022 at 8:29 | comment | added | Time-Bandit |
this is a great answer & accurate solution. However, I absolutely want to use the rsync daemon over ssh rather than the normal rsync because of the resource benefits. I also have to do this as ssh non-root user, so perhaps I need to play with /etc/rsyncd.conf and backup users .sshauthorized_keys settings further and make a new post if necessary. Overall what I am trying to achieve is to connect with a non-root user, then have either the non-root user or root connect to rsyncd. Perhaps this is worthy of separate post after some testing.
|
|
| Jul 24, 2022 at 6:53 | history | answered | Chris Davies | CC BY-SA 4.0 |