Rsync transfer without entering a password
1. Background
1) One server: VM3 (IP: 3.9.8.151)
2) A client: VM2 (IP: 3.9.8.157)
3) The server and client can ping each other.
4) rsync has been installed on both the server and client.
Requirement: Copy all files in the /root/backup/ directory of VM3 to the /root/test/ directory of VM2.
2. Operation
1) Use the ping command to check the network connectivity between the server and client.
VM3 pings VM2 successfully.
VM2 pings VM3 successfully.
VM2 and VM3 can reach each other.
2) Create and modify the rsync configuration file on the server VM3
# vim /etc/rsyncd.conf
uid = nobody
gid = nobody
use chroot = no
max connections = 4
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsyncd.lock
log file = /var/log/rsyncd.log
[cms]
path = /root/backup
read only = true
list = false
auth users = root
secrets file = /etc/rsyncd.secrets
This file is composed of one or more modules. A module definition starts with the module name in square brackets and continues until the next module definition starts or the file ends. A module contains parameter definitions in the format name = value. Each module corresponds to a directory tree to be backed up.
Global Parameters
uid: Specifies the uid that the daemon should have when the module transfers files. Together with the gid option, it determines which files the daemon can access. The default value is "nobody".
gid: Specifies the gid that the daemon should have when the module transfers files. The default value is "nobody".
use chroot: If "use chroot" is set to true, rsync first chroots to the directory specified by the path parameter before transferring files. This adds a layer of security protection, but the disadvantage is that it requires root privileges and cannot back up files that symbolic links point to outside the directory. The default value is true.
max connections: Specifies the maximum number of concurrent connections for this module, to protect the server. Connection requests that exceed the limit are told to try again later. The default value is 0, that is, there is no limit.
pid file: Specifies the pid file of rsync.
lock file: Specifies the lock file that supports the max connections parameter. The default value is /var/run/rsyncd.lock.
log file: Specifies the log file of rsync, instead of sending the log to syslog.
Module Parameters
cms: The module name, which can be chosen freely. The client's rsync command refers to the module by this name.
path: Specifies the directory tree path that this module backs up. This parameter must be specified.
read only: Sets whether users are allowed to upload files. If this parameter is set to true, all upload requests fail. If it is set to false, uploads are allowed as long as the read/write permissions of the server directory permit them. The default value is true.
list: Sets whether the module is listed when a client requests the list of available modules. Setting this option to false creates a hidden module. The default value is true.
auth users: Specifies a list of usernames separated by spaces or commas. Only these users can connect to this module. These users have nothing to do with system users. If "auth users" is set, rsync challenges every client connection to this module for authentication, using a challenge/response authentication protocol. The usernames and passwords are stored in plaintext in the file specified by the "secrets file" option. By default, the module can be connected to without a password (that is, anonymous mode).
secrets file: Specifies a file that contains username:password pairs. This file is used only when "auth users" is defined. Each line of the file contains one username:password pair. Generally, the password should not exceed 8 characters. There is no default secrets file name; you must specify one (for example, /etc/rsyncd.secrets).
Reference: http://blog.csdn.net/xujingzhong0077/article/details/51993514
Note: After setting, check that the configured directories exist, for example the /var/run/ directory, the /var/log/ directory, and the /root/backup/ directory. /etc/rsyncd.secrets is configured in the next step.
3) Create and modify the rsync secrets file on the server VM3
# vim /etc/rsyncd.secrets
root:redhat
The format is username:password. This is the authentication username and password of the server.
4) On the server VM3, change the permissions of /etc/rsyncd.secrets so that only the root user can read and write it.
# chmod 600 /etc/rsyncd.secrets
5) On the server VM3, start rsync in daemon mode
# rsync --daemon
6) Check the port and service on the server VM3.
# ps -ef | grep rsync
Check whether the service is started in daemon mode. If not, kill the process and restart it in daemon mode.
# netstat -ntlp
Check whether port 873 is listening after the service is started. Port 873 is the default port of rsync.
# service iptables stop
Stop the firewall
Or
# vim /etc/sysconfig/iptables
Add
-A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
Allow port 873 to pass through the firewall
# service iptables restart
Restart the firewall
Check that /etc/rsyncd.secrets can be read and written only by the root user.
After the above configuration and check are completed, the server can wait for the client to connect and copy the file.
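The checks from steps 2 and 4 can be scripted. The following is an added example, not part of the original article: a small audit that parses an rsyncd.conf and flags modules without auth users, writable modules, disabled chroot, and a secrets file readable by anyone other than its owner. The function names are hypothetical, and the secrets file is a constructed temporary stand-in for /etc/rsyncd.secrets.

```python
import os, stat, tempfile

OFF = ("false", "no", "0")  # boolean spellings rsyncd.conf accepts for "off"

def parse_rsyncd_conf(text):
    """Return (global_params, {module_name: params}); parameter names lowercased."""
    glob, modules, current = {}, {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            (glob if current is None else current)[key.lower()] = value
    return glob, modules

def audit(text):
    """Flag weak settings per module; global parameters act as defaults."""
    glob, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        eff = {**glob, **params}
        if not eff.get("auth users"):
            findings.append(f"{name}: no auth users, anonymous access")
        if eff.get("read only", "true").lower() in OFF:
            findings.append(f"{name}: read only is off, uploads allowed")
        if eff.get("use chroot", "true").lower() in OFF:
            findings.append(f"{name}: use chroot is off")
        secrets = eff.get("secrets file")
        if secrets and os.path.exists(secrets):
            mode = stat.S_IMODE(os.stat(secrets).st_mode)
            if mode & 0o077:  # any group/other permission bit set
                findings.append(f"{name}: secrets file mode {mode:03o}, want 600")
    return findings

def demo():
    """Audit the article's config with a constructed secrets file, before and after chmod 600."""
    with tempfile.TemporaryDirectory() as tmp:
        secrets = os.path.join(tmp, "rsyncd.secrets")  # stand-in for /etc/rsyncd.secrets
        with open(secrets, "w") as fh:
            fh.write("root:redhat\n")
        conf = ("uid = nobody\ngid = nobody\nuse chroot = no\nmax connections = 4\n"
                "[cms]\npath = /root/backup\nread only = true\nlist = false\n"
                f"auth users = root\nsecrets file = {secrets}\n")
        os.chmod(secrets, 0o644)
        before = audit(conf)
        os.chmod(secrets, 0o600)
        return before, audit(conf)

if __name__ == "__main__":
    for label, result in zip(("mode 644", "mode 600"), demo()):
        print(label, result)
```

With the article's configuration, the only finding left after chmod 600 is the disabled chroot.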
7) On the client VM2, create the password file
# vim /etc/rsync.pass
redhat
8) On the client VM2, change the permissions of the password file /etc/rsync.pass so that only the root user can read and write it.
# chmod 600 /etc/rsync.pass
9) On the client VM2, run the command that connects to the server and copies the files.
# rsync -arvz -P root@3.9.8.151::cms /root/test/ --password-file=/etc/rsync.pass