rsync and ssh notes
NOTE: These notes were written in 2005. Use at your own risk. I’m leaving them up because things like NFS are still the same. I have not changed how I set it up in over 10 years.
rsync basics
rsync is a program that synchronizes parts of a directory tree while transferring only the differences between files. This can be a big savings in bandwidth and time for big files over a network. If you know what these two things are, this page might be useful to get started or do a quick test. Using it as a reference source would be crazy.
Quick test of rsync – Local Filesystem
- The objective is to test you have the program installed and permissions correct.
- Create a directory in your home directory called “test1”.
- Create another directory called “test2”. I made mine in “/backup” (on a separate disk).
- Create a text file within test1 called “a.txt” and type something in it.
my_shell$ rsync -av /home/user_name/test1/ /backup/test2
- The “av” stands for “archive-verbose” and preserves a lot of file properties. Check man rsync for all the flags.
- Note: Include the last slash on the source to sync everything WITHIN the directory in test1 with the directory test2. If you leave it off, you’ll end up with /backup/test2/test1.
Test of rsync – Trusted LAN
- See above to set up files. Check connectivity and permissions.
- Just add the hostname in front of the paths.
my_shell$ rsync -av /home/user_name/test1/ remote_hostname:/backup/test2
Remarks: When used locally (same machine) I think it said the program is equivalent to a “mv” command, as it takes more time to calculate all the differences between files than to just write over it.
ssh setup
ssh stands for “secure shell” and is a way of communicating securely across an untrusted network (e.g., the internet) using encrypted data. One buzzword associated with this kind of thing is a “tunnel”, like your own private coffee cans on a string, but I don’t know the technical definition. It is a replacement for telnet.
Two keys are required to decrypt the data. You have to generate them. The public one does not need to be kept secret and must be given to the receiver. The private key is, not surprisingly, private and must remain protected. There are several “flavors” of ssh. The most common with Linux distributions is OpenSSH.
- It sure would simplify things if you could have the same username/password on both hosts.
my_shell$ ssh-keygen -t dsa
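(the ssh key generation utility. DSA was a common key type when these notes were written; OpenSSH has disabled DSA keys by default since version 7.0, so on a current system pick a supported key type such as Ed25519 and use the matching key file names in the steps below.)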
“Created directory /home/user_name/.ssh”
- Enter a passphrase, up to 30 characters and not too simple but that you can remember.
“ID saved in ~/.ssh/id_dsa”
“Public Key saved in ~/.ssh/id_dsa.pub”
- Get the public key on the target machine with secure copy.
my_shell$ scp my_path/id_dsa.pub remote_user@remote_host:
(gotta have the colon)
“Can’t confirm host, continue?” Yes.
“Warning: Permanently added remote_host (RSA) to list of known hosts.” cool.
- In the instructions I found, it says “connect to” the remote machine to do this next step. I don’t see how you can do this securely if you don’t have ssh set up yet. So, assuming you can physically get to the machine or get someone else to be there, get the public key set up remotely.
On the remote machine
my_shell$ mkdir .ssh
my_shell$ cat id_dsa.pub >> .ssh/authorized_keys
my_shell$ chmod 700 .ssh
my_shell$ chmod 644 .ssh/authorized_keys
- Test ssh connection
my_shell$ ssh remote_hostname
Get a shell in your remote home directory. Use scp (secure copy) and sftp (secure ftp).
- Note: If you don’t have DNS in your network, you need to have /etc/hosts on both machines set up [or try “ssh remote_ip”].
Using rsync with ssh
- Create an ssh connection.
- Use the rsync command like you would over a trusted LAN, now that you’ve got your coffee-can tunnel-thing set up.
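A re-runnable version of the “On the remote machine” key installation and of the rsync-over-ssh call, as an added example that is not part of the original notes. The function names are made up for illustration, and authorized_keys is set to 600 here rather than the 644 used above (sshd accepts both; what it rejects under StrictModes is a file that is writable by group or others).

```shell
#!/bin/sh
# Added example (not from the original notes); function names are made up.

# install_pubkey HOME_DIR PUBKEY_FILE
# Remote-side step. Unlike a bare "cat >>", this can be re-run safely:
# it never duplicates a key and always resets the permissions.
install_pubkey() {
    ssh_dir=$1/.ssh
    auth=$ssh_dir/authorized_keys

    # Accept only a file holding exactly one non-empty key line.
    [ -s "$2" ] || { echo "no key in $2" >&2; return 1; }
    [ "$(grep -c . "$2")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }

    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # -x whole line, -F fixed string: append only if this exact key is absent.
    key=$(cat "$2")
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# perms_ok PATH
# Succeeds only if PATH exists and is not writable by group or others.
# sshd (StrictModes) ignores authorized_keys when that check fails.
perms_ok() {
    [ -e "$1" ] && [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \))" ]
}

# sync_over_ssh SRC_DIR REMOTE_DEST
# Local-side step: the trusted-LAN command with ssh named as the transport.
# The trailing slash copies the contents of SRC_DIR, as in the local test.
sync_over_ssh() {
    rsync -av -e ssh "$1/" "$2"
}

# Usage, with the placeholder names from the notes:
#   remote$ install_pubkey "$HOME" id_dsa.pub && perms_ok "$HOME/.ssh"
#   local$  sync_over_ssh /home/user_name/test1 remote_hostname:/backup/test2
```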