this post was submitted on 24 Nov 2024
18 points (95.0% liked)

Linux

48332 readers
897 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hi,

I need to setup a Rsync server to backup a 😡 NAS.

So I want to run it under SSH.

man rsync

Also note that the rsync daemon protocol does not currently provide any encryption of the data that is transferred over the connection. Only authentication is provided. Use ssh as the transport if you want encryption.

but when I do rsync --config=/etc/rsyncd.conf --rsh=ssh --dry-run
I get:

rsync: --rsh=ssh: unknown option (in daemon mode) So there no way to specify that rsync daemon should run under ssh ?

Also is this following A.I statement is correct ?

The rsyncd.conf file is only used when the rsync daemon is running on the remote host and the client connects to the daemon directly, without using an SSH connection.

So there is no way with Rsync (under ssh) to set settings (config file or other) that will apply to all clients !!??
So it's the client that configure rsync and the server !? there is no way around ?!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 4 hours ago (1 children)

You can do so directly in the ssh config or command line also. I've used this very thing in dense cluster private OpenStack deployments over the years.

Just trying to narrow down use case but I suspect the complex documentation just overwhelmed.

[–] [email protected] 1 points 2 hours ago

(disclaimer: this information might be years out of date but i think it is still accurate?)

SSH doesn't have a null cipher, and if it did, using it still wouldn't make an SSH tunnel as fast as a TCP connection because SSH has its own windowing mechanism which is actually what is slowing you down. Doing the cryptography at line speed should not be a problem on a modern CPU.

Even though SSH tunnels on your LAN are probably faster than your internet connection (albeit slower than LAN TCP connections), SSH's windowing overhead will also make for slower internet connections (vs rsync or something else over TCP) due to more latency exacerbating the problem. (Whenever the window is full, it is sitting there not transmitting anything...)

So, to answer OP's question:

  • if you want to rsync over SSH, you usually don't need a daemon (or to specify --rsh=ssh as that is the default).
  • if you the reason you want to use the rsync daemon is performance, then you don't want to use SSH. you'll need to open a port for it.
  • besides performance, there are also some rsync features which are only available in "daemon mode". if you want to use those, you have at least 3 options:
    • open a port for your rsync daemon, and don't use SSH (bonus: you also get the performance benefit. downside, no encryption.)
    • setup an SSH tunnel and tell the rsync client it is connecting to a daemon on localhost
    • look at man rsync and read the section referred to by this:
      • The remote-shell transport is used whenever the source or destination path contains a single colon (:) separator after a host specification. Contacting an rsync daemon directly happens when the source or destination path contains a double colon (::) separator after a host specification, OR when an rsync:// URL is specified (see also the USING RSYNC-DAEMON FEATURES VIA A REMOTE-SHELL CONNECTION section for an exception to this latter rule).

HTH.