restricting rsync over ssh
Mike Rubel
mrubel at galcit.caltech.edu
Wed May 22 14:42:02 EST 2002
> > If so, I am trying to find the best way to restrict rsync -e ssh on the
> > remote machine. Prepending the authorized_keys entry with
> > command='rsync ...' 1024... results in the 'Protocol mismatch - is your
> > shell clean?' error.
This brings up an interesting question. Does anyone use the server
version of rsyncd with an ssh tunnel? In other words:
On the server, bring up sshd listening on *:22, and rsyncd accepting
connections from localhost only, port 873.
Then, on the client machine, set up an ssh tunnel:
ssh server -L 1873:server:873
(I just picked 1873 for convenience; you could use any open
user-accessible port).
Then rsync to localhost:1873, letting ssh carry the connection over the
tunnel to the server:
rsync rsync://user@localhost:1873/path/to/source dest
Does anyone use this approach? Are there any advantages/disadvantages?
Mike
More information about the rsync
mailing list