bastian wrote:
>>
>> Set up the remote machine to do public key authentication rather than
>> password for your machine.
>
> I think the ssh is set to public key authentication.
> The problem is the password in rsyncd.secrets of cwrsync.
> Maybe I have a basic misunderstanding here cause I am new to this
> stuff.
> Please explain.
> Thank you
> Bastian
I think different things are being discussed here, with possibly some slight
confusion (which could be mine). Rsync can run either as a network server
in its own right, in which case rsyncd.secret defined the password and
the "urls" look like:
(E-Mail Removed)in::module/dirreltomodule/dir...
In this case, rsync must be configured using rsync.conf
The other mode is not to run rsync as a server, but to allow it to be
invoked at will via rsh (use to, noone would do that now) or ssh, in both
cases the "url" looks like:
(E-Mail Removed)in:/dirreltoroot/dir/dir...
Note the one vs two colons and in the latter case, no config file is used -
you get what the user is allowed to see.
"--password-file" is incompatible with "-e ssh", the latter is also
unnecessary and is implied by a new (like last few years) rsync *and* the
use of the single colon form of the "url"
Now I haven't actually set up rsync to serve from a windows box, do you have
an ssh server on that box, or are you really trying to do:
rsync -rzv --password-file=/root/password-file/password.txt
tc2backup@192.168.0.129::cdrive/software/.
/var/baks/
Which would work is you set up an rsyncd.conf file to with a "module"
called "cdrive" which pointed at /cygdrive/c
eg (rsyncd.conf)
# rsyncd config
log file = /somewhere/rsyncd.log
max connections = 5
read only = yes
list = yes
auth users = root
secrets file = /somewhere/rsyncd.secrets
strict modes = yes
hosts allow = your.backup.machine.domain
transfer logging = yes
timeout = 0
dont compress = *
#
[cdrive]
path = /cygdrive/c
###############################
Now you *can* do what you want above.
Pros/cons:
SSH mode
========
Pro: Secure, encrypted and as strong as SSH.
Con: Need to ssh in to target host as root/admin to access all files for
backup - therefore, unless using a restrictive shell it is possible to ssh
in as root/admin from the backup box if it gets hacked. Also, can be
controlled remotely.
Con: Needs an ssh server.
Server Mode
===========
Pro: Not encrypted, but reasonably secure on a switched LAN, using passwords
and/or IP restrictions.
Pro: Can export read-only as root/admin, so no change of back-feeding it,
but whilst it can also access a subset of files as root/admin.
Con: Security can be far too weak in the wrong environments.
Now, there is a way to run it in server mode, over ssh, which takes out the
cons of both methods - but I have never had need to try it.
I refer you to the rsyncd.conf man page, and see the section:
RUNNING AN RSYNC SERVER OVER A REMOTE SHELL PROGRAM
Not sure if any of that helps...
Tim
Similar Threads
Linear Mode
