Rsync: Difference between revisions

Line 3:

rsync was first created by [[wp:Andrew Tridgell|Andrew Tridgell]] and Paul Mackerras in 1996 <ref>https://groups.google.com/g/comp.os.linux.announce/c/tZE1qtTcQaU/m/IF8GhGQ_uTsJ</ref>.

* [https://rsync.samba.org/firewall.html rsync through a firewall]

* Andrew Tridgell's 1999 PhD thesis ''[https://www.samba.org/~tridge/phd_thesis.pdf Efficient Algorithms for Sorting and Synchronization]'' includes 3 chapters on rsync.

== Forward SSH Agent, and switch to different user ==

Suppose you have 3 hosts:

# your workstation

# machine A

# machine B

Machine A is configured so that root login is not allowed - even key-based logins (too many stupid breakin attempts). So, you've created a user 'Dan'. Dan has full sudo privileges.

Machine B is configured to allow root login, and all of Dan's public keys are listed in the authorized_keys file for /root/.ssh/authorized_keys

You want to rsync files from Machine A to Machine B, but some of those files are root-owned backups etc. A regular rsync will fail to read some files. You don't want to chmod or chown anything. Of course you start off by setting up your ssh-agent and adding your ssh keys <code>eval $(ssh-agent) && ssh-add</code> before connecting and forwarding your agent: <code>ssh -A dan@machineA</code>

Now, here's the special part: Without even needing to reconfigure sshd on Machine A, you can simply <code>--preserve-env=SSH_AUTH_SOCK</code> in your sudo rsync command so that using sudo doesn't break the agent forwarding for the rsync.

(On machineA)

<code>sudo --preserve-env=SSH_AUTH_SOCK rsync -vrz --checksum /var/discourse root@machineB:/var</code>

will successfully read all files on MachineA using elevated privileges of sudo, and transfer them to MachineB

[[Category:Filesystems]]

[[Category:System Administration]]

@@ Line 3: / Line 3: @@
 rsync was first created by [[wp:Andrew Tridgell|Andrew Tridgell]] and Paul Mackerras in 1996 <ref>https://groups.google.com/g/comp.os.linux.announce/c/tZE1qtTcQaU/m/IF8GhGQ_uTsJ</ref>.
 * [https://rsync.samba.org/firewall.html rsync through a firewall]
 * Andrew Tridgell's 1999 PhD thesis ''[https://www.samba.org/~tridge/phd_thesis.pdf Efficient Algorithms for Sorting and Synchronization]'' includes 3 chapters on rsync.
+== Forward SSH Agent, and switch to different user ==
+Suppose you have 3 hosts:
+# your workstation
+# machine A
+# machine B
+Machine A is configured so that root login is not allowed - even key-based logins (too many stupid breakin attempts). So, you've created a user 'Dan'. Dan has full sudo privileges.
+Machine B is configured to allow root login, and all of Dan's public keys are listed in the authorized_keys file for /root/.ssh/authorized_keys
+You want to rsync files from Machine A to Machine B, but some of those files are root-owned backups etc. A regular rsync will fail to read some files. You don't want to chmod or chown anything. Of course you start off by setting up your ssh-agent and adding your ssh keys <code>eval $(ssh-agent) && ssh-add</code> before connecting and forwarding your agent: <code>ssh -A dan@machineA</code>
+Now, here's the special part: Without even needing to reconfigure sshd on Machine A, you can simply <code>--preserve-env=SSH_AUTH_SOCK</code> in your sudo rsync command so that using sudo doesn't break the agent forwarding for the rsync.
+(On machineA)
+<code>sudo --preserve-env=SSH_AUTH_SOCK rsync -vrz --checksum /var/discourse root@machineB:/var</code>
+will successfully read all files on MachineA using elevated privileges of sudo, and transfer them to MachineB
+{{References}}
 [[Category:Filesystems]]
 [[Category:System Administration]]