Rsync && ssh && passwordless

[Ryan Sommers]

I'm attempting to setup rsync to do backups of a remote system. I'd like
to make it passwordless. The trouble I'm running into is I run sshd with
PermitRootLogin Off for obvious security reasons. This means that I can't
use rsync over ssh to the root user. Instead what I thought of was sshing
to the machine I want to backup via a seperate user that is added to the
sudoers file and is allowed to execute rsync via sudo without a password.

Machine M is the machine being backed up
Machine B is the backup machine
NP is the non-privileged user on machine M

Installed rsync on machine M, tested the config file to make sure I could
get to it with regular rsyncd. Killed rsyncd since I wanted to do it over
Ssh

On B I generated an RSA key ssh-keygen -t rsa -N "". scp ~/.ssh/id_rsa.pub
NP at M:.ssh/authorized_keys

Edited authorized_keys on M adding 'command="sudo /usr/local/bin/rsync
--server --daemon ."'

To test I did: ssh NP at M and got:
@RSYNCD: 28

Thinking that was the rsync process attempting to authentificate with the
local client I tried running rsync on the local machine:
rsync -a NP at M:/path/to/stuff ./local/path

which gave me:
protocol version mismatch - is your shell clean?
(see the rsync man page for an explanation)
rsync error: protocol incompatibility (code 2) at compat.c(69)

Where did I go wrong? Is this not possible? If not, how can you go about
backing up a remote system to preserve all file attributes and where the
files being backedup aren't all readable by a non-privileged user or owned
by the same user?


-- 
Ryan Sommers
ryans at gamersimpact.com