Products from ITeF!x
How can I secure connections between linux/unix rsync clients and cwRsync servers ?
Submitted by tk on Mon, 28/07/2008 - 01:23
Assuming that you want to synchronize directory /home/user on machine X_RSYNC_CLIENT with directory c:\backup on machine CWRSYNC_SERVER :
On CWRSYNC_SERVER :
- Install cwRsync Server with openssh component
- Start RsyncServer and OpenSSHD services
- Use Prep a Dir for Upload wizard for the directory c:\backup
- Add a new module to rsyncd.conf :
-
[backup]
path = /cygdrive/c/backup
read only = false
transfer logging = yes
on X_RSYNC_CLIENT :
- Copy private key from CWRSYNC_SERVER to X_RSYNC_CLIENT and make it accessible only by you
- Use shell script below after having it updated according to your needs:
| #!/bin/bash # Secure Channel Wrapper for connection to cwRsync servers from Linux/Unix clients # v1.0 - Initial version, Sep 2005, Tevfik K., http://itefix.no # Customize variables below according to your needs # identity: private key file for cwRsyncServer service account (available from Start Menu) # localport: local port for forwarding # remoteport: termination port (this should be the port rsync daemon listens to) # remotehost: cwRsync Server name/ip-adress # your rsync module at server side # Function to terminate secure tunnel processes # Clean up ... terminate zombie tunnels echo Establishing secure channel ... # your rsync command, you can edit: echo Terminating secure channel ... |
NB! You must forward ssh port 22 to CWRSYNC_SERVER at the edge of your secure network (your router/firewall). I recommend strongly to tighten security further by using options available in rsync and openssh (host limitations, secrets file ...).
Printer-friendly version