dlostboy (at) lostinfo (dot) com 


      FreeBSD HOWTO for setting up rsync

Ok, so you have some files that you need to keep synchronized between servers and do not want to keep them up to date manually. CVS is a great option that also gives you version control and authoring notes and blah blah blah, but it is rather time-consuming to set up for the first time and has a lot of overhead for simple tasks. We'll opt for another way of doing it...rsync.

For my examples, we'll say that you want to synchronize a directory tree containing file1 -> file12 that need to be rather up to date, and you want it to be an automated process. We'll say for this example that they are in the directory /home/myusername/myfiles

  • cd /usr/ports/net/rsync; make install clean
    That'll get your binaries on the client machine. Now rsync has a couple of methods for setting up authorization...everything from nothing (rsh- yuk) to RSA public-key (yea!) to its own authentication scheme (more overhead). We'll use the RSA + SSH method since you probably already have an ssh daemon running (it does by default in all FreeBSD 4.2+).

    Add the user myusername to the remote machine. Create a .ssh directory in that user's home directory and make sure nobody but myusername and root can read it. Now go to the client machine and run

  • ssh-keygen (on newer versions of FreeBSD, you'll want to "ssh-keygen -t rsa")
    This will generate the RSA keys for that username. When it asks for a passphrase, we're not going to put one...otherwise when you try to connect it'll still prompt you for a password, which will defeat the crontabbing we'll do later. With no passphrase, anyone who can read the private key file can log in as myusername on the remote machine, so keep that file readable only by myusername.

    Now that you have a .ssh/identity & .ssh/identity.pub (.ssh/id_rsa.pub in newer versions) in your /home/myusername directory, binary FTP (or other method) the "identity.pub" file to your remote machine. Place that file in the /home/myusername/.ssh directory on the remote machine and rename the file to "authorized_keys". It should be owned by myusername and set to 600 permissions (sshd runs as root so it's ok).

    Now go back to the client machine and ssh to the remote machine. It should let you in without a password now. If it asks you for an RSA challenge phrase, it's because you screwed up and typed a challenge phrase when you ssh-keygen'ed. If it asks you for a password like normal, then double-check that your identity.pub from the client machine is in /home/myusername/.ssh as authorized_keys on the remote machine.

    Now that you have the security set up, you just need to crontab (via /etc/crontab or "crontab -e") the rsync job to synchronize your trees. We'll use the --delete option because we want an exact copy...leaving this option out allows files to exist on the remote machine that do not exist on the client machine. You can man rsync for all the options, but just do a

  • /usr/local/bin/rsync -azr --delete -e ssh /home/myusername/myfiles remote.server.name:/home/myusername
    Tada! Rsync will keep the files on the remote synchronized (not just overwritten...a nice prevention of wasted processor/datastream time) as often as you'd like. Remove the -r option to have rsync NOT recursively traverse the tree.
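
    The ownership and permission requirements from the steps above, as an added shell check that is not part of the original HOWTO. The function name check_ssh_perms and the file name check.sh are made up for illustration, and the home-directory test reflects sshd's StrictModes behaviour rather than anything the page states.

```shell
#!/bin/sh
# Added example (not from the original HOWTO): audit the key files on the
# remote machine. Usage: check_ssh_perms HOME_DIR EXPECTED_UID
# Prints one line per problem; returns 0 when clean, 1 otherwise.

# 10-character mode string such as drwx------; ls -ld is used because
# stat(1) flags differ between FreeBSD and GNU systems.
mode_of() { ls -ldn "$1" | cut -c1-10; }
# Numeric owner uid: third field of "ls -ldn".
uid_of() { ls -ldn "$1" | awk '{print $3}'; }

check_ssh_perms() {
    home=$1; want_uid=$2; bad=0
    dir=$home/.ssh
    keys=$dir/authorized_keys

    # sshd's StrictModes check also refuses keys when the home directory
    # is group- or world-writable.
    case $(mode_of "$home") in
        d????w????|d???????w?) echo "WRITABLE $home"; bad=1 ;;
    esac

    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }
    # .ssh: nobody but the owner (and root) may read it.
    case $(mode_of "$dir") in
        d???------) ;;
        *) echo "LOOSE $dir $(mode_of "$dir")"; bad=1 ;;
    esac
    [ "$(uid_of "$dir")" = "$want_uid" ] || { echo "OWNER $dir"; bad=1; }

    [ -f "$keys" ] || { echo "MISSING $keys"; return 1; }
    # authorized_keys: mode 600, owned by the account, as the page states.
    case $(mode_of "$keys") in
        -rw-------) ;;
        *) echo "LOOSE $keys $(mode_of "$keys")"; bad=1 ;;
    esac
    [ "$(uid_of "$keys")" = "$want_uid" ] || { echo "OWNER $keys"; bad=1; }

    return $bad
}

# Stand-alone use: sh check.sh /home/myusername "$(id -u myusername)"
if [ "$#" -eq 2 ]; then
    check_ssh_perms "$1" "$2"
    exit $?
fi
```

    Run it on the remote machine when ssh still asks for a password even though authorized_keys is in place; any line it prints names the file to fix.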

      ©2000, ©2001 LostInformation