manningtree

Securing RSync

Category: TheShed
#backup

rsync is a workhorse. It's used to sync music between devices (hello Volumio1) and to backup F's design work to a NAS. With Windows Subsystem For Linux2 it has supplanted robocopy as the preferred tool of choice.

To run rsync over a secure channel the following steps set up a public key that can be installed on the remote server and then rsync with SSH.

Create a public SSH key that can be placed on other hosts to give us access:

ssh-keygen -f ~/.ssh/id_rsa -q -P ""
cat ~/.ssh/id_rsa.pub

Here's a truncated example:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABner4gHbv1dZf7bVyxkf email@domain

On the remote server, create a file to store the public key (assuming it's not there already ;)

mkdir ~/.ssh
chmod 0700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0644 ~/.ssh/authorized_keys

Copy the public key to into ~/.ssh/authorized_keys.

Now use rsync to copy to the remote destination, using SSH as a secure connection:

rsync -avz -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" 
  --progress local_stuff/* [email protected]_domain:remote_stuff/

  1. Volumio the music player currently playing music 

  2. WSL on Wikipedia 

Prev: Fixing Manningtree

Next: Hans: things are better