|< Day Day Up >|
Recipe 16.3. Making Secure Transfers with rsync and ssh
Use rsync over ssh. ssh must be set up and working on all hosts.
Specify your source and destination, and specify ssh with the -e flag. This command transfers files over the local network, to ljl's account on the remote PC "stinkpad":
ljl@compak:~$ rsync -av -e ssh stationery stinkpad:test ljl@stinkpad's password: building file list ... done stationery/ stationery/ljl-return-address-small.sxw stationery/ljl-holiday-label.sxw stationery/ljl-return-address-MV-small.sxw wrote 25984 bytes read 68 bytes 7443.43 bytes/sec total size is 25666 speedup is 0.99
Beware of filepath trickiness. stinkpad:test uploads the stationery directory and its contents to /home/ljl/test on stinkpad. If /test does not exist, rsync will create it:
ljl@stinkpad's password: building file list ... done created directory test
If you want to upload to a directory outside of your home directory, you'll need sufficient permissions for rsync to create a new directory, or you'll need it to be an existing directory that you can write to. Precede the upload directory with a forward slash, to make it relative to the root filesystem instead of to your home directory:
$ rsync -av -e ssh stationery stinkpad:/shared_uploads
To upload files over the Internet, use your login on the remote system and the full domain name:
$ rsync -av -e ssh stationery firstname.lastname@example.org:/shared_uploads
The syntax for copying files from a remote host is a little different. This copies the /scripts directory and its contents from the remote host to your local /downloads directory:
$ rsync -av -e ssh email@example.com:/shared_uploads/scripts ~/downloads/
Both authentication and transport are encrypted, so this is a nice, secure way to transfer sensitive files. The one downside is that users need shell accounts on all machines they are going to store files on or retrieve files from, so it's a bit of work to set up. A central server, with shared directories, is a good way to manage complex file sharing scenarios. You can control access with the usual Linux tools—file and directory permissions, and user groups, and you can use unique logins on the shared server, for extra security.
16.3.4 See Also
|< Day Day Up >|