Synchronizing Data with Rsync
Rsync is a useful tool that allows files and directory to be copied either to or from a remote host, or locally on the current host. It is a faster and flexible replacement for rcp.
There are two different ways for rsync to contact a remote system:
– using a remote-shell program as the transport (such as ssh or rsh) or
– contacting an rsync daemon directly via TCP.
For remote transfers, a modern rsync uses ssh for its communications, but it may have been configured to use a different remote shell by default, such as rsh or remsh.
Rsync uses the rsync remote-update protocol to greatly speed up file transfers. The rsync remote-update protocol allows rsync to transfer just the differences between two sets of files across the network connection, using an efficient checksum-search algorithm.
The files are compared using their checksums and only the necessary files are transferred. This makes rsync very efficient in mirroring files between source and destination directory within hosts or between hosts. Rsync can also be used to delete files, copy device files, copy symbolic links, preserve ownership and group, copy permissions and synchronize timestamps to achieve an exact copy. Rsync also support both include and exclude pattern so that you can specify exactly which files you want to synchronized.
Please note that rsync ignore any changes made on the system being updated (destination). Any files that were locally modified will be replaced with the copy from the source and any deleted files will be added again if it is still exist in the source. This means that you must make all changes on the master source and never make any changes on the destination system.
To use rsync, you must specify a source and a destination, one of which may be remote.
The syntax is:
rsync [OPTION]... SRC [SRC]... DEST
There are many options to use with rsync.
Here are some samples usages of rsync:
1. Use the following command to: transfer all files from the current directory to the directory /dest.
rsync * /dest
2. Use the following command to: transfer all files matching the pattern *.doc from the current directory to the directory /dest.
rsync *.doc /dest
3. Use the following command to: recursively transfer all content from the directory /src/data1/ on current host to directory /data/temp1. The transfer is in “archive” mode , which ensures that symbolic links, devices, attributes, permissions, ownerships, etc. are preserved in the transfer.
rsync –av /src/data1/ /data/temp1
4. Use the following command to: recursively transfer in archive mode the directory /src1/data1 and /src2/data2 on local host to the directory /dest.
rsync –av /src1/data1 /src2/data2 /dest
5. Use the following command to: recursively transfer in archive mode all content from the directory /src/data1/ on remote host named pc1 to directory /dest/temp1 on local host. Compression will be used to reduce the size of data portions of the transfer.
rsync –avz pc1:/src/data1/ /dest/tmp1
6. Use the following command to: recursively transfer in archive mode all content from the directory /src/data1/ on local host to directory /dest/temp1 on remote host named pc1. This command also tells rsync to delete any files in the target directory that are not present in the source directory. Be carefull with — delete options.
rsync -av --delete /src/data1/ pc1:/dest/temp1
7. Use the following command to: recursively transfer in archive mode all content from the directory /src/data1/ on local host to directory /dest/temp1 on remote host named pc1 but exclude all files with ext. of tmp and temp.
rsync -av –-exclude *.tmp –-exclude *.temp /src/data1/ pc1:/dest/temp1
8. Use the following command to: recursively transfer in archive mode all content from the directory /src/data1/ on local host to directory /dest/temp1 on remote host named pc1 and log on to pc1 using credential of user1.
rsync -av /src/data1/ user1@pc1:/dest/temp1
9. Use the following command to: recursively transfer in archive mode all content from the directory /src/data1/ on local host to directory /dest/temp1 on remote host named pc1, preserve hard links, treat symlink dir as dir and log on to pc1 using credential of user1.
rsync -avHK /src/data1/ user1@pc1:/dest/temp1
Key-based Authentication for SSH (also for SCP and SFTP)
Besides manually providing login credential for authentication, SSH also offer key-based authentication, which uses cryptographic keys to establish a trust relationship between client and server. Key-based authentication can require a password or can operate without a password on the key. The passwordless key-based authentication also known as null-passphrase key is usually used for automating file transfers like backups, password synchronization, and file system synchronization. When using Rsync with SSH for automated backups, you may prefer to enable key-based authentications so backups can be performed via SSH without password prompting.
For security consideration, null-passphrase key-based authentication should not be used when manually providing credentials for an interactive used of SSH session is possible. There is a security risk between the computers that have the key-based trust that would allow an attacker to log in between those computers without a username or password.
By default, key-based authentication is already turn on in the /etc/ssh/sshd_config file. To make sure, open the /etc/ssh/sshd_config file then locate the line beginning with #RSAAuthentication. That line and two lines below it should look like these:
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
If you need to change the configuration file, then you need to restart the sshd:
# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
#
When a user (eg. user1) from a client computer request ssh access to a server, sshd in that server will look in /home/user1/.ssh/authorized_keys to see whether this user has an authorized public key that can be trusted as user1’s key.
In order to work with key-based authentication, user1 in the client computer need to generate a public/private key pair then put the public key into the /home/user1/.ssh/authorized_keys file on the server.
The following show step-by-step action to take to perform key-based authentication for a user called “bj”. The user bj has already created on both the client (computer named “fw”) and server (computer named “fledge”) to be used for key-based authentication.
1. While logged in as the bj user on the client computer, generate a key pair using ssh-keygen command. In this sample, I use null-passphrase.
[bj@fw ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/bj/.ssh/id_dsa):
Created directory '/home/bj/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/bj/.ssh/id_dsa.
Your public key has been saved in /home/bj/.ssh/id_dsa.pub.
The key fingerprint is:
e5:8b:34:7f:83:a0:61:02:86:ec:18:93:2c:4b:e4:e6 [email protected]
[bj@fw ~]$ ls -la .ssh/
total 16
drwx------ 2 bj bj 4096 Jan 3 15:17 .
drwx------ 3 bj bj 4096 Jan 3 15:17 ..
-rw------- 1 bj bj 668 Jan 3 15:17 id_dsa
-rw-r--r-- 1 bj bj 608 Jan 3 15:17 id_dsa.pub
The output of the ssh-keygen command are bj’s private and public (.pub) dsa-based keys on his client computer.
2. Transfer the public key to the server. Assume that the server ip address is 1.2.3.1 and I use SCP to transfer the file.
[bj@fw ~]$ scp .ssh/id_dsa.pub [email protected]:id_dsa-bj-at-fw.pub
The authenticity of host '1.2.3.1 (1.2.3.1)' can't be established.
RSA key fingerprint is 8d:35:1e:e4:1a:87:26:9a:b0:96:c3:5d:cd:1b:c1:ed.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '1.2.3.1' (RSA) to the list of known hosts.
[email protected]'s password:
id_dsa.pub 100% 608 0.6KB/s 00:00
[bj@fw ~]$
I was asked whether I’d like to continue connecting to the server since the authenticity can’t be verified. This is normal behavior, because this is the first time I connect to the SSH server, so I type “yes” to continue connecting. After supplying the password for the user bj on the server, the file is transferred.
3. Log on to the server as user bj. Once on the server, create an .ssh directory within bj’s home directory, if one doesn’t already exist, and place the contents of the id_dsa-bj-at-fw.pub file into a file called .ssh/authorized_keys.
[bj@fw ~]$ ssh [email protected]
[email protected]'s password:
[bj@fledge ~]$ mkdir .ssh
[bj@fledge ~]$ cat id_dsa-bj-at-fw.pub >> .ssh/authorized_keys
[bj@fledge ~]$
4. Verify the permission of the .ssh directory and authorized_keys file. Make sure that they can only be accessed by the user who owns them.
[bj@fledge ~]$ chmod 700 .ssh
[bj@fledge ~]$ chmod 700 .ssh/authorized_keys
5. Get user bj logs out from the server and then logs back in to see if the authorized_keys entry worked. If login no longer requires a password, then the key-based ssh authentication is working.
[bj@fledge ~]$ exit
Connection to 1.2.3.1 closed.
[bj@fw ~]$ ssh [email protected]
Last login: Sat Jan 3 12:03:27 2009 from 1.2.3.2
[bj@fledge ~]$
With this in place, user bj can now transfer files between client computer and server using Rsync via SSH, SCP and SFTP without supplying the password. This facility can then be used for automated backups that need no user intervention in supplying the password when performing Rsync to/from remote host. In next article, I will discuss about how to perform automated backup using Rsync.
August 15th, 2023 at 4:35 am
order fenofibrate 200mg fenofibrate 160mg generic order tricor 200mg sale
August 19th, 2023 at 8:28 am
tadalafil brand viagra 50mg cost viagra 100mg england
August 19th, 2023 at 1:00 pm
zaditor 1 mg ca ketotifen 1mg cheap buy cheap tofranil
August 21st, 2023 at 11:36 pm
buy minoxidil online minoxidil us cheapest ed pills online
August 22nd, 2023 at 10:12 am
buy acarbose without a prescription griseofulvin 250 mg brand buy griseofulvin 250mg online cheap
August 24th, 2023 at 3:06 pm
aspirin tablet where can i buy zovirax buy generic imiquimod over the counter
August 27th, 2023 at 3:39 am
buy dipyridamole 25mg without prescription dipyridamole ca order generic pravachol 20mg
August 27th, 2023 at 9:10 pm
buy melatonin 3mg without prescription pill melatonin danocrine 100mg cheap
August 30th, 2023 at 12:37 pm
duphaston 10mg sale order januvia order jardiance 25mg pills
August 31st, 2023 at 8:08 am
generic florinef 100 mcg fludrocortisone 100mcg drug buy imodium
September 2nd, 2023 at 9:32 pm
order etodolac buy colospa 135 mg without prescription buy pletal sale
September 3rd, 2023 at 8:46 am
order prasugrel order dimenhydrinate 50mg without prescription buy generic detrol
September 6th, 2023 at 9:27 am
buy ferrous pills order ferrous generic sotalol generic
September 7th, 2023 at 12:26 pm
mestinon online buy oral pyridostigmine buy rizatriptan no prescription
September 9th, 2023 at 9:37 am
buy vasotec 10mg generic order duphalac sale duphalac where to buy
September 11th, 2023 at 7:18 pm
order zovirax online how to get rivastigmine without a prescription rivastigmine 6mg without prescription
September 12th, 2023 at 8:42 am
betahistine brand buy probenecid without a prescription buy probenecid medication
September 14th, 2023 at 12:06 pm
buy prilosec sale prilosec brand metoprolol sale
September 14th, 2023 at 12:07 pm
premarin brand sildenafil 50mg pill oral sildenafil 100mg
September 15th, 2023 at 1:33 am
Hi to all, becausze I amm actualkly keeen of
reading this blog’s post to bbe updated daily. It carries gookd
stuff.
September 15th, 2023 at 1:36 am
Excellent website. Lotts oof heloful information here.
I amm sending it to several pawls ans alo sharing in delicious.
Annd of course, thank you for your effort!
September 16th, 2023 at 3:54 am
buy telmisartan 20mg online purchase movfor for sale molnupiravir generic
September 17th, 2023 at 3:21 am
tadalafil ca order tadalafil 20mg sildenafil medication
September 17th, 2023 at 8:15 pm
cenforce 100mg tablet buy cenforce 50mg pill aralen 250mg pill
September 20th, 2023 at 5:08 pm
order cefdinir generic order omnicef 300mg pill prevacid canada
September 20th, 2023 at 5:11 pm
provigil 100mg tablet order deltasone 5mg sale buy deltasone 40mg pills
September 22nd, 2023 at 7:44 am
Hi there! Do yyou knoww iff the make aany pugins too safeguard against hackers?
I’m kindsa paranoid abbout loskng eeverything
I’ve worked harrd on. Anyy recommendations?
September 23rd, 2023 at 8:42 am
oral isotretinoin 10mg buy isotretinoin 20mg buy zithromax 250mg sale
September 25th, 2023 at 1:10 am
order atorvastatin 40mg pill cheap amlodipine 10mg purchase amlodipine pills
September 25th, 2023 at 1:29 pm
azipro 500mg cheap neurontin online buy buy neurontin online cheap
September 27th, 2023 at 4:30 pm
free casino slot games poker online real money order furosemide for sale
September 28th, 2023 at 7:30 am
protonix 20mg oral lisinopril price buy pyridium 200mg online
September 29th, 2023 at 12:11 pm
where can i play poker online doxycycline sale ventolin inhalator for sale online
October 1st, 2023 at 3:12 am
vegas casino online casino slots free ivermectin 6mg over counter
October 1st, 2023 at 10:17 am
cheap symmetrel buy symmetrel 100mg online order aczone
October 2nd, 2023 at 5:57 pm
I lovce yoour blog.. very nice coilors & theme. Did you create this website yourselff orr did yoou hire someoe to do it for you?
Pllz respondd aas I’m looking to design mmy owwn blog and
would like tto knpw where u goot ths from. cheers
October 2nd, 2023 at 7:01 pm
blackjack online for real money purchase amoxiclav pill generic levothroid
October 4th, 2023 at 9:32 am
methylprednisolone 16 mg pills buy methylprednisolone 16 mg online aristocort generic
October 4th, 2023 at 11:02 am
serophene generic isosorbide pills imuran 50mg brand
October 5th, 2023 at 11:38 pm
buy levitra 20mg pill levitra 10mg for sale tizanidine us
October 7th, 2023 at 3:45 am
perindopril 8mg usa allegra 120mg ca order allegra 180mg pill
October 7th, 2023 at 11:21 pm
order phenytoin generic buy phenytoin 100 mg generic oxybutynin us
October 10th, 2023 at 12:46 am
baclofen 25mg cost elavil sale buy ketorolac sale
October 10th, 2023 at 6:15 am
claritin uk buy dapoxetine sale buy priligy 90mg sale
October 11th, 2023 at 8:37 pm
lioresal online ketorolac without prescription ketorolac oral
October 13th, 2023 at 4:35 am
amaryl online purchase arcoxia generic order etoricoxib generic