Rsync

The rsync destination uses the rsync program installed on the system running HashBackup to communicate with a remote rsync server. HB does not make use rsync’s special differential transfer protocol to speed up file transfers because HB rarely creates modified versions of the the same file, with dest.db being the one exception. HB does enable rsync’s ability to restart partial transfers in case of errors.

Rsync operates in two modes:

Rsync over ssh

To use this method, no special configuration is needed on the remote server. The rsync command must be installed on the local and remote systems and the userid running HashBackup must be able to ssh to the server without a password using public/private key files in ~/.ssh. (search passwordless ssh for details). With this method, the dir keyword looks like this:

dir jim@host:my/backup/dirname

Notice that there is only one colon for rsync over ssh. The userid can be omitted if the userid running HashBackup can ssh to the host without a userid, for example:

dir host:my/backup/dirname

In both of these examples, the userid running HashBackup should be able to ssh to the host without a userid or password, then cd my/backup/dirname. This is where the backup files will be stored.

Rsync directly to a remote rsync daemon (rsync module access)

With this method, data is sent directly from your local rsync to the remote rsync, unencrypted, without using ssh. This is slightly more efficient than ssh since data is not encrypted during transmission. Your data is still confidential because HashBackup encrypted it during the backup, and authentication uses a reasonably secure MD4 challenge-response protocol. For module access, the rsync daemon needs to be configured on the remote server and a module setup in /etc/rsyncd.conf. An rsync module can be setup as anonymous, meaning anyone can access it just by using the module name, or authenticated, meaning a username and password must be specified. See the rsync and rsyncd.conf man pages for details about how to setup an rsync server.

For anonymous rsync module acesss use:

dir host::module

-or-

dir host::module/subdir

Notice the double colons, distinguishing module access from ssh access. With anonymous rsync module access there is no authentication so anyone knowing which port is running rsync can access the rsync service. It can be restricted by client IP address with the hosts allow rsync config directive on the rsync server.

For authenticated rsync module access, use:

dir host::module

-or-

dir user@host::module/subdir

In the first case, the userid running HashBackup is used. For both, a password keyword is needed in dest.conf matching the password in the rsyncd.secrets file on the rsync server.

Use the command: rsync hostname:: to list all available modules on an rsync server. Some rsync servers may have this feature disabled for security.

Rsync dest.conf Example

destname myrsync
type rsync

For rsync over ssh:

dir jim@myhost:test/hashbackup

you can add extra rsync arguments:

args --ipv6

for rsync over ssh port 8002 with ssh userid sshuser and rsync userid rsyncuser:

dir rsyncuser@myhost:hbdir
args -e "ssh -p 8002 -l sshuser"

for rsync to rsyncd module, with authentication:

dir jim@myhost::mymodule
password mypass

For rsync to anonymous rsyncd module:

dir myhost::mymodule

For rsyncd module running on an alternate port (recommended):

port 8081