Annotation of embedaddon/rsync/rsync-ssl.1, revision 1.1
1.1 ! misho 1: .TH "rsync-ssl" "1" "06 Aug 2020" "rsync-ssl 3.2.3" "User Commands"
! 2: .P
! 3: .SH "NAME"
! 4: .P
! 5: rsync-ssl \- a helper script for connecting to an ssl rsync daemon
! 6: .P
! 7: .SH "SYNOPSIS"
! 8: .P
! 9: .nf
! 10: rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
! 11: .fi
! 12: .P
! 13: .SH "DESCRIPTION"
! 14: .P
! 15: The rsync-ssl script helps you to run an rsync copy to/from an rsync daemon
! 16: that requires ssl connections.
! 17: .P
! 18: The script requires that you specify an rsync-daemon arg in the style of either
! 19: \fBhostname::\fP (with 2 colons) or \fBrsync://hostname/\fP. The default port used for
! 20: connecting is 874 (one higher than the normal 873) unless overridden in the
! 21: environment. You can specify an overriding port via \fB\-\-port\fP or by including
! 22: it in the normal spot in the URL format, though both of those require your
! 23: rsync version to be at least 3.2.0.
! 24: .P
! 25: .SH "OPTIONS"
! 26: .P
! 27: If the \fBfirst\fP arg is a \fB\-\-type=SSL_TYPE\fP option, the script will only use
! 28: that particular program to open an ssl connection instead of trying to find an
! 29: openssl or stunnel executable via a simple heuristic (assuming that the
! 30: \fBRSYNC_SSL_TYPE\fP environment variable is not set as well\ \-\- see below). This
! 31: option must specify one of \fBopenssl\fP or \fBstunnel\fP. The equal sign is
! 32: required for this particular option.
! 33: .P
! 34: All the other options are passed through to the rsync command, so consult the
! 35: \fBrsync\fP(1) manpage for more information on how it works.
! 36: .P
! 37: .SH "ENVIRONMENT VARIABLES"
! 38: .P
! 39: The ssl helper scripts are affected by the following environment variables:
! 40: .P
! 41: .IP "\fBRSYNC_SSL_TYPE\fP"
! 42: Specifies the program type that should be used to open the
! 43: ssl connection. It must be one of \fBopenssl\fP or \fBstunnel\fP. The
! 44: \fB\-\-type=SSL_TYPE\fP option overrides this, when specified.
! 45: .IP "\fBRSYNC_SSL_PORT\fP"
! 46: If specified, the value is the port number that is used as
! 47: the default when the user does not specify a port in their rsync command.
! 48: When not specified, the default port number is 874. (Note that older rsync
! 49: versions (prior to 3.2.0) did not communicate an overriding port number
! 50: value to the helper script.)
! 51: .IP "\fBRSYNC_SSL_CERT\fP"
! 52: If specified, the value is a filename that contains a
! 53: certificate to use for the connection.
! 54: .IP "\fBRSYNC_SSL_CA_CERT\fP"
! 55: If specified, the value is a filename that contains a
! 56: certificate authority certificate that is used to validate the connection.
! 57: .IP "\fBRSYNC_SSL_OPENSSL\fP"
! 58: Specifies the openssl executable to run when the
! 59: connection type is set to openssl. If unspecified, the $PATH is searched
! 60: for "openssl".
! 61: .IP "\fBRSYNC_SSL_GNUTLS\fP"
! 62: Specifies the gnutls-cli executable to run when the
! 63: connection type is set to gnutls. If unspecified, the $PATH is searched
! 64: for "gnutls-cli".
! 65: .IP "\fBRSYNC_SSL_STUNNEL\fP"
! 66: Specifies the stunnel executable to run when the
! 67: connection type is set to stunnel. If unspecified, the $PATH is searched
! 68: first for "stunnel4" and then for "stunnel".
! 69: .P
! 70: .SH "EXAMPLES"
! 71: .RS 4
! 72: .P
! 73: .nf
! 74: rsync-ssl -aiv example.com::mod/ dest
! 75: .fi
! 76: .RE
! 77: .RS 4
! 78: .P
! 79: .nf
! 80: rsync-ssl --type=openssl -aiv example.com::mod/ dest
! 81: .fi
! 82: .RE
! 83: .RS 4
! 84: .P
! 85: .nf
! 86: rsync-ssl -aiv --port 9874 example.com::mod/ dest
! 87: .fi
! 88: .RE
! 89: .RS 4
! 90: .P
! 91: .nf
! 92: rsync-ssl -aiv rsync://example.com:9874/mod/ dest
! 93: .fi
! 94: .RE
! 95: .P
! 96: .SH "SEE ALSO"
! 97: .P
! 98: \fBrsync\fP(1), \fBrsyncd.conf\fP(5)
! 99: .P
! 100: .SH "CAVEATS"
! 101: .P
! 102: Note that using an stunnel connection requires at least version 4 of stunnel,
! 103: which should be the case on modern systems. Also, it does not verify a
! 104: connection against the CA certificate collection, so it only encrypts the
! 105: connection without any cert validation unless you have specified the
! 106: certificate environment options.
! 107: .P
! 108: This script also supports a \fB\-\-type=gnutls\fP option, but at the time of this
! 109: release the gnutls-cli command was dropping output, making it unusable. If
! 110: that bug has been fixed in your version, feel free to put gnutls into an
! 111: exported RSYNC_SSL_TYPE environment variable to make its use the default.
! 112: .P
! 113: .SH "BUGS"
! 114: .P
! 115: Please report bugs! See the web site at https://rsync.samba.org/.
! 116: .P
! 117: .SH "VERSION"
! 118: .P
! 119: This man page is current for version 3.2.3 of rsync.
! 120: .P
! 121: .SH "CREDITS"
! 122: .P
! 123: rsync is distributed under the GNU General Public License. See the file
! 124: COPYING for details.
! 125: .P
! 126: A web site is available at https://rsync.samba.org/. The site includes an
! 127: FAQ-O-Matic which may cover questions unanswered by this manual page.
! 128: .P
! 129: .SH "AUTHOR"
! 130: .P
! 131: This manpage was written by Wayne Davison.
! 132: .P
! 133: Mailing lists for support and development are available at
! 134: https://lists.samba.org/.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>