Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] Restricting rsync to ssh only
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Wed, 23 Jan 2002 16:16:29 +0100 (MET)
  • Message-id: <Pine.LNX.4.44.0201231615070.13137-100000@xxxxxxxxxxxx>
>
> Sorry if the question has been asked before and already replied then
> just point me rather sending flames as it has already been an extremely
> bad day.
>
> This is what I want to do
>
> I am placing a webserver on DMZ (192.168.2.2) apache is running
> chrooted via compartment the webpages are located at $CHROOT/webhome the
> directory and files are owned by wwwrun.nogroup
>
>
> I want to be able to run rsync to update the web pages however I only
> want to open the minimum number of ports in the firewall.
>
> The question is how can I force rsync to except communication from ssh
> only rather than from rsync port.
>
> Thanks

You don't run rsyncd at all. Rather use it like

export RSYNC_RSH=ssh
rsync -avH --partial --delete source_dir user@host:remote_dir

rsync will launch ssh and execute rsync --server on the remote side.

Roman.


< Previous Next >
Follow Ups
References