[ale] rsync without ssh quick tutorial
Michael Trausch
mike at trausch.us
Tue Jan 20 14:06:46 EST 2015
Just a reminder that it is time to learn the new packet filter: nftables replaces iptables, ip6tables, ebtables, etc and works with the whole stack and is more efficient. (I myself need to spend a few days working with it.)
There is a compatibility shim (xtables) but it generates rules that are less efficient than direct usage.
Sent from my iPad
> On Jan 20, 2015, at 11:11 AM, James Sumners <james.sumners at gmail.com> wrote:
>
> Since another thread is asking how to get it done, here's the quick rundown:
>
> On the destination system, create a /etc/rsyncd.conf file and add some contents similar to:
>
> #####
> max connections = 5
> log file = /var/log/rsync.log
> timeout = 300
>
> [webroot]
> comment = Static web resources root
> path = /opt/webroot
> read only = no
> list = yes
> uid = nobody
> gid = webeditors
> #####
>
> Then create a inetd configuration (the following is for xinetd):
>
> #####
> service rsync
> {
> disable = no
> socket_type = stream
> wait = no
> user = root
> server = /usr/bin/rsync
> server_args = --daemon
> log_on_failure += USERID
> }
> #####
>
> Done. Now you can rsync some stuff over to that server. I highly recommend doing the following extra configuration on said server:
>
> `iptables -A INPUT -p tcp -m tcp --dport 873 --src 10.0.0.15 -j ACCEPT\
> iptables -A INPUT -p tcp -m tcp --dport 873 -j DROP`
>
> Where "10.0.0.15" is the client machine that will be sending data over rsync.
>
> --
> James Sumners
> http://james.sumners.info/ (technical profile)
> http://jrfom.com/ (personal site)
> http://haplo.bandcamp.com/ (band page)
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20150120/e42ce857/attachment.html>
More information about the Ale
mailing list