These instructions can be used to securely and automatically rsync files between 2 computers (Linux or Mac) either on your local network or even across the Internet using certificates/keys instead of passwords. Syncing files between 2 computers without using passwords is really not as difficult as it may seem, trust me!
The instructions below are combination of how-to guides I have found online and my own personal experience setting up syncing between computers. This guide is written from the perspective of using Ubuntu Linux, but the majority of the commands would be the same on any flavor of Linux or even Mac OS X.
In this scenario I reference two computers:
Server A: This server is the remote host (the one that will be receiving files)
Server B: This server is the connecting host (the one that will be sending files).
Automatically back up/rsync a folder from one Web server to the other every 10 min. securely but without passwords.
Step 1: Generate SSH Keys
- Login to Server B (connecting host) as root
- cd /home/%user% or cd /home
- On connecting host (Server B), Generate keys:
ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
Step 2: Create User on Server A
- Login to Server A (remote host)
- Create user on remote host:
Step 3: Copy Key Pair to Server A
- Copy Key pair to home folder of user you just created From Server B (connecting) to remote host Server A (remote)
scp /root/.ssh/id_dsa* firstname.lastname@example.org:/home/%user%
Step 4: Install Keys/Certificate
Login as rsync user on Server A (remote) (**Hint: This is the user you created in Step 2**)
if [ ! -d .ssh ]; then mkdir .ssh ; chmod 700 .ssh ; fi
$ mv id_dsa.pub .ssh/
$ cd .ssh/
$ if [ ! -f authorized_keys ]; then touch authorized_keys ; chmod 600 authorized_keys ; fi
$ cat id_dsa.pub >> authorized_keys
$ cat authorized_keys
**Hint: The last command in step 4 should list the authorized keys for that user.
command from Server B (connecting). If it doesn't ask for a password, it worked!
Step 5: Install Rsync
Install rsync on source computer. Instructions below are for Ubuntu.
apt-get install rsync
RSync Dry run
rsync -vzrtn -e ssh --delete %email@example.com:sync_directory/ /path/to/other/directory/
**Hint: Be sure that you are running rsync 3.07 or later. These options “- vzrtn” are what worked for me, but depending on what you need you may want to change them. Also keep in mind that the “- n” option is only for a dry run and should be removed when creating your script below in step 6.**
Step 6: Create Script and Cron Job
Add rsync command. Be sure script is all on one line.
rsync -vzrt -e ssh --delete %firstname.lastname@example.org:sync_directory/ /path/to/other/directory/
Step 7: Create Cron job
0,10,20,30,40,50 * * * * /bin/rsync.sh #Description…
The schedule above will run every 10 minutes. There are lots of great articles online for how to modify Cron tab schedules to meet your needs.