The rsync destination uses the rsync program installed on the system running HashBackup to communicate with a remote rsync server. HB does not make use rsync’s special differential transfer protocol to speed up file transfers because HB rarely creates modified versions of the the same file, with
dest.db being the one exception. HB does enable rsync’s ability to restart partial transfers in case of errors.
Rsync operates in two modes:
Rsync over ssh
To use this method, no special configuration is needed on the remote server. The rsync command must be installed on the local and remote systems and the userid running HashBackup must be able to ssh to the server without a password using public/private key files in ~/.ssh. (search
passwordless ssh for details). With this method, the dir keyword looks like this:
Notice that there is only one colon for rsync over ssh. The userid can be omitted if the userid running HashBackup can ssh to the host without a userid, for example:
In both of these examples, the userid running HashBackup should be able to ssh to the host without a userid or password, then
cd my/backup/dirname. This is where the backup files will be stored.
Rsync directly to a remote rsync daemon (rsync module access)
With this method, data is sent directly from your local rsync to the remote rsync, unencrypted, without using ssh. This is slightly more efficient than ssh since data is not encrypted during transmission. Your data is still confidential because HashBackup encrypted it during the backup, and authentication uses a reasonably secure MD4 challenge-response protocol. For module access, the rsync daemon needs to be configured on the remote server and a module setup in /etc/rsyncd.conf. An rsync module can be setup as anonymous, meaning anyone can access it just by using the module name, or authenticated, meaning a username and password must be specified. See the
rsyncd.conf man pages for details about how to setup an rsync server.
For anonymous rsync module acesss use:
Notice the double colons, distinguishing module access from ssh access. With anonymous rsync module access there is no authentication so anyone knowing which port is running rsync can access the rsync service. It can be restricted by client IP address with the
hosts allow rsync config directive on the rsync server.
For authenticated rsync module access, use:
In the first case, the userid running HashBackup is used. For both, a
password keyword is needed in
dest.conf matching the password in
rsyncd.secrets file on the rsync server.
Use the command:
rsync hostname:: to list all available modules on
an rsync server. Some rsync servers may have this feature disabled
destname myrsync type rsync
For rsync over ssh:
you can add extra rsync arguments:
for rsync over ssh port 8002 with ssh userid sshuser and rsync userid rsyncuser:
dir rsyncuser@myhost:hbdir args -e "ssh -p 8002 -l sshuser"
for rsync to rsyncd module, with authentication:
dir jim@myhost::mymodule password mypass
For rsync to anonymous rsyncd module:
For rsyncd module running on an alternate port (recommended):