Annotation of embedaddon/rsync/rsync-ssl.1, revision 1.1.1.1
1.1 misho 1: .TH "rsync-ssl" "1" "06 Aug 2020" "rsync-ssl 3.2.3" "User Commands"
2: .P
3: .SH "NAME"
4: .P
5: rsync-ssl \- a helper script for connecting to an ssl rsync daemon
6: .P
7: .SH "SYNOPSIS"
8: .P
9: .nf
10: rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
11: .fi
12: .P
13: .SH "DESCRIPTION"
14: .P
15: The rsync-ssl script helps you to run an rsync copy to/from an rsync daemon
16: that requires ssl connections.
17: .P
18: The script requires that you specify an rsync-daemon arg in the style of either
19: \fBhostname::\fP (with 2 colons) or \fBrsync://hostname/\fP. The default port used for
20: connecting is 874 (one higher than the normal 873) unless overridden in the
21: environment. You can specify an overriding port via \fB\-\-port\fP or by including
22: it in the normal spot in the URL format, though both of those require your
23: rsync version to be at least 3.2.0.
24: .P
25: .SH "OPTIONS"
26: .P
27: If the \fBfirst\fP arg is a \fB\-\-type=SSL_TYPE\fP option, the script will only use
28: that particular program to open an ssl connection instead of trying to find an
29: openssl or stunnel executable via a simple heuristic (assuming that the
30: \fBRSYNC_SSL_TYPE\fP environment variable is not set as well\ \-\- see below). This
31: option must specify one of \fBopenssl\fP or \fBstunnel\fP. The equal sign is
32: required for this particular option.
33: .P
34: All the other options are passed through to the rsync command, so consult the
35: \fBrsync\fP(1) manpage for more information on how it works.
36: .P
37: .SH "ENVIRONMENT VARIABLES"
38: .P
39: The ssl helper scripts are affected by the following environment variables:
40: .P
41: .IP "\fBRSYNC_SSL_TYPE\fP"
42: Specifies the program type that should be used to open the
43: ssl connection. It must be one of \fBopenssl\fP or \fBstunnel\fP. The
44: \fB\-\-type=SSL_TYPE\fP option overrides this, when specified.
45: .IP "\fBRSYNC_SSL_PORT\fP"
46: If specified, the value is the port number that is used as
47: the default when the user does not specify a port in their rsync command.
48: When not specified, the default port number is 874. (Note that older rsync
49: versions (prior to 3.2.0) did not communicate an overriding port number
50: value to the helper script.)
51: .IP "\fBRSYNC_SSL_CERT\fP"
52: If specified, the value is a filename that contains a
53: certificate to use for the connection.
54: .IP "\fBRSYNC_SSL_CA_CERT\fP"
55: If specified, the value is a filename that contains a
56: certificate authority certificate that is used to validate the connection.
57: .IP "\fBRSYNC_SSL_OPENSSL\fP"
58: Specifies the openssl executable to run when the
59: connection type is set to openssl. If unspecified, the $PATH is searched
60: for "openssl".
61: .IP "\fBRSYNC_SSL_GNUTLS\fP"
62: Specifies the gnutls-cli executable to run when the
63: connection type is set to gnutls. If unspecified, the $PATH is searched
64: for "gnutls-cli".
65: .IP "\fBRSYNC_SSL_STUNNEL\fP"
66: Specifies the stunnel executable to run when the
67: connection type is set to stunnel. If unspecified, the $PATH is searched
68: first for "stunnel4" and then for "stunnel".
69: .P
70: .SH "EXAMPLES"
71: .RS 4
72: .P
73: .nf
74: rsync-ssl -aiv example.com::mod/ dest
75: .fi
76: .RE
77: .RS 4
78: .P
79: .nf
80: rsync-ssl --type=openssl -aiv example.com::mod/ dest
81: .fi
82: .RE
83: .RS 4
84: .P
85: .nf
86: rsync-ssl -aiv --port 9874 example.com::mod/ dest
87: .fi
88: .RE
89: .RS 4
90: .P
91: .nf
92: rsync-ssl -aiv rsync://example.com:9874/mod/ dest
93: .fi
94: .RE
95: .P
96: .SH "SEE ALSO"
97: .P
98: \fBrsync\fP(1), \fBrsyncd.conf\fP(5)
99: .P
100: .SH "CAVEATS"
101: .P
102: Note that using an stunnel connection requires at least version 4 of stunnel,
103: which should be the case on modern systems. Also, it does not verify a
104: connection against the CA certificate collection, so it only encrypts the
105: connection without any cert validation unless you have specified the
106: certificate environment options.
107: .P
108: This script also supports a \fB\-\-type=gnutls\fP option, but at the time of this
109: release the gnutls-cli command was dropping output, making it unusable. If
110: that bug has been fixed in your version, feel free to put gnutls into an
111: exported RSYNC_SSL_TYPE environment variable to make its use the default.
112: .P
113: .SH "BUGS"
114: .P
115: Please report bugs! See the web site at https://rsync.samba.org/.
116: .P
117: .SH "VERSION"
118: .P
119: This man page is current for version 3.2.3 of rsync.
120: .P
121: .SH "CREDITS"
122: .P
123: rsync is distributed under the GNU General Public License. See the file
124: COPYING for details.
125: .P
126: A web site is available at https://rsync.samba.org/. The site includes an
127: FAQ-O-Matic which may cover questions unanswered by this manual page.
128: .P
129: .SH "AUTHOR"
130: .P
131: This manpage was written by Wayne Davison.
132: .P
133: Mailing lists for support and development are available at
134: https://lists.samba.org/.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to rsync-ssl.1 CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / rsync