Build Secure rsync

Source: Internet
Author: User
Article Title: Build Secure rsync. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

As security requirements increase, sftp or scp is gradually adopted to replace ftp. However, scp/sftp may be interrupted due to network conditions. Therefore, it is not only troublesome but also a waste of bandwidth and time to copy files. Here, we use rsync over ssh, which is secure and convenient, because rsync supports resumable data transfer.

Configure rsyncd. conf

Rsyncd. conf can be directly used simply by making a simple judgment. I will post my own example:

#/Etc/rsyncd. conf
# General settings
Uid = nobody
Gid = nobody
Use chroot = no
Max connections = 5
# Set logs
Syslog facility = local5
Pid file =/var/run/rsyncd. pid

# Multiple methods to set the license hosts list
Hosts allow = 192.168.0.1, 192.168.0.2, 192.168.1.0/255.255.255.0
# Setting the rsyncd directory
[Backup]
Path =/home/yejr/
# If you can upload files at the same time, set read only to false.
Read only = false

Because rsync over ssh is used, you do not need to start the rsyncd instance, but use ssh for rsync, which is very simple. Note that the above read only = false. Many people may think that rsync can only be used for downloading and cannot be uploaded. Otherwise, you can use rsync to upload files after setting it.

Let's look at the example below.

Use

Download files

Rsync-P-av -- timeout = 10 -- rsh = "ssh-l yejr" 192.168.0.84: backup/yejr/
/Home/yejr/

Download all the files in the/home/yejr/directory on the server to the local directory/home/yejr.

Here, you need to pay attention to whether the directory name is followed by the Directory decomposition character/. If yes, only the files in the directory are processed. If not, the directory name itself is also downloaded.

Upload files

Rsync-P-av -- timeout = 10 -- rsh = "ssh-l yejr"/home/yejr/
192.168.0.84: backup/yejr/

Upload the files in the/home/yejr/directory to the/home/yejr/Server, that is,/home/yejr /*.

Upload directory structure

Rsync-P-av -- timeout = 10 -- include '*/' -- exclude '*' -- rsh = "ssh-l yejr"
/Home/yejr/192.168.0.84: backup/yejr/

Or

Rsync-P-av -- timeout = 10 -- include '*/' -- exclude '*' -- rsh = "ssh-l yejr"
192.168.0.84: backup/yejr // home/yejr/

In some cases, we need to synchronize the directory structure without uploading/downloading files.

In the above example, I have used the ssh key method to establish a trust relationship, so no password needs to be entered each time.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.