How To Use Rsync Over Ssh In A Secure Manner?
Rsync is very popular synchronization tool used in Linux environment. Rsync communication is clear text by default. This makes rsync vulnerable man in the middle attacks. How can we make rsync secure with
ssh . In this tutorial we will look different ways to make secure with
Check Ssh Connection
The first thing we will do is checking the remote ssh service. We will of course use
ssh command for this. In this example the user is
root and server name is
$ ssh root@poftut2
Copy Single File From Local To Remote Via Ssh Tunnel
The first example is about copying local single local file to remote system via ssh. We will provide
-e ssh parameter to enable ssh tunelling.
$ rsync -e ssh asd.pub ismail@poftut2:/root/
Enable PasswordlessKey Based Ssh Authentication
In order to make things simpler and work as batch we should setup passwordless key based ssh authentication. This is done by copying and setting login public key to the remote systems. First we will create ssh kek.
This will create a private and related public key pair in
~/.ssh/ directory. Now we will setup key based authentication with the following command. The username will be
ismail and remote system is
$ ssh-copy-id ismail@poftut2
Copy Single File From Remote To Local Via Ssh Tunnel
In this example we will copy remote file named
asd.pub to the local directory
. is used to specify current working directory. The local file will be named
$ rsync -e ssh ismail@poftut2:/root/asd.pub .
Synchronize From Local Folder To Remote Folder
Now we need more useful examples. One of the most used situation is synchronizing local folder to the remote folder. We will synchronize from local folder to remote folder via ssh tunnel.
$ rsync -e ssh /home/ismail/ ismail@poftut2:/bak
Synchronize From Remote Folder To Local Folder
This example is the reverse version of previous example. We will synchronize from remote system to the local system.
$ rsync -e ssh ismail@poftut2:/bak /home/ismail/
Specify Different Ssh Port
Ssh uses TCP/22 as default port. But this may not the same for some times. We may need to specify the remote ssh port explicitly. We can use
-e option with
ssh command like below.
$ rsync -e "ssh 2222" ismail@poftut2:/bak /home/ismail/