rsync via restricted ssh command=

Matt McCutchen matt at
Thu Jun 3 08:45:17 MDT 2010

On Thu, 2010-06-03 at 20:18 +1000, Mark Constable wrote:
> I've read a few tutorials about how to use rsync via ssh using the
> command= functionality to restrict where the user can sync to. I've
> got this on the on the destination side in it's ~/.ssh/authorized_keys...
> command="rsync --server -vvnlogDtpre.iLsf --timeout=999 . bkp",no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAetc

Don't override the rsync server arguments like that.  It can cause rsync
to fail in strange ways if for any reason the server arguments are not
exactly what you expected.  Instead, use a wrapper script such as rrsync
or (my preference) use a single-use rsync daemon.  See:


More information about the rsync mailing list