On Wednesday 08 November 2006 00:34, Ed wrote: > On Tuesday 07 November 2006 22:53, you wrote: > ...snip... > > > You want to run the rsync command upon connection. Try to use: > > > > "command="/usr/bin/rsync --server --daemon --config=/foo/rsyncd.conf ." > > ,no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty > > ssh-rsa [BASE64-encoded data of public key] > > > > This will cause rsync in server mode to show up on the server side of > > the encrypted connection. > > Now you can configure what is possible and not through /foo/rsyncd.conf, > > e.g. allow read only, > > chrooting etc. > > > > However, the client side still has to say "I want to archive", like this: > > > > rsync -av --rsh="ssh -l SSH_USER -i /someplace_safe/ssh_id_key" > > LOCAL_FILE [EMAIL PROTECTED]::RSYNC_MODULE > > > > if source is LOCAL_FILE > > > > rsync -av --rsh="ssh -l SSH_USER -i /someplace_safe/ssh_id_key" > > [EMAIL PROTECTED]::RSYNC_MODULE LOCAL_FILE > > > > if source is [EMAIL PROTECTED]::RSYNC_MODULE > > > > Best regards, > > > > -- David > > Hi David, > thanks for your answer, I'll take a good look at it all tomorrow morning > and put it to good use. :) > > I also got an answer from Martin Schröder who sent me the following link: > http://www.jdmz.net/ssh/ > > Thank you both! > -Ed
Hi again, I spent some time trying the solutions you offered but none seem to work for me. Does anyone have a step by step approach of a "passwordless rsync" via a certificate? I managed a simple "hostname" lookup because it's the target that executes the command in the certificate but I can not see a way out of my catch 22. If I send an rsync command to the target server, it is only logical that the target execute the command and thus fails miserably :( I can't follow Davids howto as I have a rsync running as a daemon on the target server already and it seems a little fiddly for a simple rsync. In short, if you got it to work, please let me know how you did it pretty please. All I get for now is a prompt for a password or the infamous "protocol version mismatch -- is your shell clean?" Regards, -Ed -- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
