[BACK]Return to rsync-ssl.1.md CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync / rsync-ssl.1.md
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Mar 17 00:32:36 2021 UTC (3 years, 3 months ago) by misho
Branches: rsync, MAIN
CVS tags: v3_2_3, HEAD
rsync 3.2.3

    1: # NAME
    2: 
    3: rsync-ssl - a helper script for connecting to an ssl rsync daemon
    4: 
    5: # SYNOPSIS
    6: 
    7: ```
    8: rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
    9: ```
   10: 
   11: # DESCRIPTION
   12: 
   13: The rsync-ssl script helps you to run an rsync copy to/from an rsync daemon
   14: that requires ssl connections.
   15: 
   16: The script requires that you specify an rsync-daemon arg in the style of either
   17: `hostname::` (with 2 colons) or `rsync://hostname/`.  The default port used for
   18: connecting is 874 (one higher than the normal 873) unless overridden in the
   19: environment.  You can specify an overriding port via `--port` or by including
   20: it in the normal spot in the URL format, though both of those require your
   21: rsync version to be at least 3.2.0.
   22: 
   23: # OPTIONS
   24: 
   25: If the **first** arg is a `--type=SSL_TYPE` option, the script will only use
   26: that particular program to open an ssl connection instead of trying to find an
   27: openssl or stunnel executable via a simple heuristic (assuming that the
   28: `RSYNC_SSL_TYPE` environment variable is not set as well -- see below).  This
   29: option must specify one of `openssl` or `stunnel`.  The equal sign is
   30: required for this particular option.
   31: 
   32: All the other options are passed through to the rsync command, so consult the
   33: **rsync**(1) manpage for more information on how it works.
   34: 
   35: # ENVIRONMENT VARIABLES
   36: 
   37: The ssl helper scripts are affected by the following environment variables:
   38: 
   39: 0.  `RSYNC_SSL_TYPE` Specifies the program type that should be used to open the
   40:     ssl connection.  It must be one of `openssl` or `stunnel`.  The
   41:     `--type=SSL_TYPE` option overrides this, when specified.
   42: 0.  `RSYNC_SSL_PORT` If specified, the value is the port number that is used as
   43:     the default when the user does not specify a port in their rsync command.
   44:     When not specified, the default port number is 874.  (Note that older rsync
   45:     versions (prior to 3.2.0) did not communicate an overriding port number
   46:     value to the helper script.)
   47: 0.  `RSYNC_SSL_CERT` If specified, the value is a filename that contains a
   48:     certificate to use for the connection.
   49: 0.  `RSYNC_SSL_CA_CERT` If specified, the value is a filename that contains a
   50:     certificate authority certificate that is used to validate the connection.
   51: 0.  `RSYNC_SSL_OPENSSL` Specifies the openssl executable to run when the
   52:     connection type is set to openssl.  If unspecified, the $PATH is searched
   53:     for "openssl".
   54: 0.  `RSYNC_SSL_GNUTLS` Specifies the gnutls-cli executable to run when the
   55:     connection type is set to gnutls.  If unspecified, the $PATH is searched
   56:     for "gnutls-cli".
   57: 0.  `RSYNC_SSL_STUNNEL` Specifies the stunnel executable to run when the
   58:     connection type is set to stunnel.  If unspecified, the $PATH is searched
   59:     first for "stunnel4" and then for "stunnel".
   60: 
   61: # EXAMPLES
   62: 
   63: >     rsync-ssl -aiv example.com::mod/ dest
   64: 
   65: >     rsync-ssl --type=openssl -aiv example.com::mod/ dest
   66: 
   67: >     rsync-ssl -aiv --port 9874 example.com::mod/ dest
   68: 
   69: >     rsync-ssl -aiv rsync://example.com:9874/mod/ dest
   70: 
   71: # SEE ALSO
   72: 
   73: **rsync**(1), **rsyncd.conf**(5)
   74: 
   75: # CAVEATS
   76: 
   77: Note that using an stunnel connection requires at least version 4 of stunnel,
   78: which should be the case on modern systems.  Also, it does not verify a
   79: connection against the CA certificate collection, so it only encrypts the
   80: connection without any cert validation unless you have specified the
   81: certificate environment options.
   82: 
   83: This script also supports a `--type=gnutls` option, but at the time of this
   84: release the gnutls-cli command was dropping output, making it unusable.  If
   85: that bug has been fixed in your version, feel free to put gnutls into an
   86: exported RSYNC_SSL_TYPE environment variable to make its use the default.
   87: 
   88: # BUGS
   89: 
   90: Please report bugs! See the web site at <https://rsync.samba.org/>.
   91: 
   92: # VERSION
   93: 
   94: This man page is current for version @VERSION@ of rsync.
   95: 
   96: # CREDITS
   97: 
   98: rsync is distributed under the GNU General Public License.  See the file
   99: COPYING for details.
  100: 
  101: A web site is available at <https://rsync.samba.org/>.  The site includes an
  102: FAQ-O-Matic which may cover questions unanswered by this manual page.
  103: 
  104: # AUTHOR
  105: 
  106: This manpage was written by Wayne Davison.
  107: 
  108: Mailing lists for support and development are available at
  109: <https://lists.samba.org/>.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>