Rsync
The rsync destination uses the rsync program installed on the system running HashBackup to communicate with a remote rsync server. HB does not make use rsync’s special differential transfer protocol to speed up file transfers because HB rarely creates modified versions of the the same file, with dest.db
being the one exception. HB does enable rsync’s ability to restart partial transfers in case of errors.
Rsync operates in two modes:
Rsync over ssh
To use this method, no special configuration is needed on the remote server. The rsync command must be installed on the local and remote systems and the userid running HashBackup must be able to ssh to the server without a password using public/private key files in ~/.ssh. (search passwordless ssh
for details). With this method, the dir keyword looks like this:
dir jim@host:my/backup/dirname
Notice that there is only one colon for rsync over ssh. The userid can be omitted if the userid running HashBackup can ssh to the host without a userid, for example:
dir host:my/backup/dirname
In both of these examples, the userid running HashBackup should be able to ssh to the host without a userid or password, then cd my/backup/dirname
. This is where the backup files will be stored.
Rsync directly to a remote rsync daemon (rsync module access)
With this method, data is sent directly from your local rsync to the remote rsync, unencrypted, without using ssh. This is slightly more efficient than ssh since data is not encrypted during transmission. Your data is still confidential because HashBackup encrypted it during the backup, and authentication uses a reasonably secure MD4 challenge-response protocol. For module access, the rsync daemon needs to be configured on the remote server and a module setup in /etc/rsyncd.conf. An rsync module can be setup as anonymous, meaning anyone can access it just by using the module name, or authenticated, meaning a username and password must be specified. See the rsync
and rsyncd.conf
man pages for details about how to setup an rsync server.
For anonymous rsync module acesss use:
dir host::module
-or-
dir host::module/subdir
Notice the double colons, distinguishing module access from ssh access. With anonymous rsync module access there is no authentication so anyone knowing which port is running rsync can access the rsync service. It can be restricted by client IP address with the hosts allow
rsync config directive on the rsync server.
For authenticated rsync module access, use:
dir host::module
-or-
dir user@host::module/subdir
In the first case, the userid running HashBackup is used. For both, a
password
keyword is needed in dest.conf
matching the password in
the rsyncd.secrets
file on the rsync server.
Use the command: rsync hostname::
to list all available modules on
an rsync server. Some rsync servers may have this feature disabled
for security.
Rsync dest.conf
Example
destname myrsync
type rsync
For rsync over ssh:
dir jim@myhost:test/hashbackup
you can add extra rsync arguments:
args --ipv6
for rsync over ssh port 8002 with ssh userid sshuser and rsync userid rsyncuser:
dir rsyncuser@myhost:hbdir
args -e "ssh -p 8002 -l sshuser"
for rsync to rsyncd module, with authentication:
dir jim@myhost::mymodule
password mypass
For rsync to anonymous rsyncd module:
dir myhost::mymodule
For rsyncd module running on an alternate port (recommended):
port 8081