[ale] rsync without ssh quick tutorial

Michael Trausch mike at trausch.us
Tue Jan 20 14:06:46 EST 2015


Just a reminder that it is time to learn the new packet filter: nftables replaces iptables, ip6tables, ebtables, etc and works with the whole stack and is more efficient. (I myself need to spend a few days working with it.)

There is a compatibility shim (xtables) but it generates rules that are less efficient than direct usage. 

Sent from my iPad

> On Jan 20, 2015, at 11:11 AM, James Sumners <james.sumners at gmail.com> wrote:
> 
> Since another thread is asking how to get it done, here's the quick rundown:
> 
> On the destination system, create a /etc/rsyncd.conf file and add some contents similar to:
> 
> #####
> max connections = 5
> log file = /var/log/rsync.log
> timeout = 300
> 
> [webroot]
>   comment = Static web resources root
>   path = /opt/webroot
>   read only = no
>   list = yes
>   uid = nobody
>   gid = webeditors
> #####
> 
> Then create a inetd configuration (the following is for xinetd):
> 
> #####
> service rsync
> {
>   disable = no
>   socket_type     = stream
>   wait            = no
>   user            = root
>   server          = /usr/bin/rsync
>   server_args     = --daemon
>   log_on_failure  += USERID
> }
> #####
> 
> Done. Now you can rsync some stuff over to that server. I highly recommend doing the following extra configuration on said server:
> 
> `iptables -A INPUT -p tcp -m tcp --dport 873 --src 10.0.0.15 -j ACCEPT\
> iptables -A INPUT -p tcp -m tcp --dport 873 -j DROP`
> 
> Where "10.0.0.15" is the client machine that will be sending data over rsync.
> 
> -- 
> James Sumners
> http://james.sumners.info/ (technical profile)
> http://jrfom.com/ (personal site)
> http://haplo.bandcamp.com/ (band page)
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20150120/e42ce857/attachment.html>


More information about the Ale mailing list