0

I need to do daily copy of large file tree over the public internet, and do that effectively. As far as I know, if I use rsyncd on receive part then sync is done quite effectively since during file tree compare part both sides (sender and receiver) can scan existing file trees locally. This way, I suppose to sync to rsyncd and that's fine, but the sending will be in plain text and I need to encrypt it since I use public Internet.

On the contrary, if I run sync like this: rsync -a /localtree user@host:/remotetree/ then all is done by the same (local) rsync, it uses ssh to login to remote system, scan its filesystem and do the sync. Then I get encryption on all phases but the remote tree scan is not that effective.

So, looks like rsyncd is for effectiveness and rsync (over ssh) is for secureness? Do I have an option to use rsyncd securely without need to setup (explicit) VPN between hosts?

Please advice, since syncing files seems to be wildly used around and I suppose just miss something on encryption part.

Improve this question

1 Answer 1

Reset to default
3

Your assumption that rsync over ssh (remote shell) will mean your local rsync gets to do all the work, is not correct.

When using a command like rsync -a /localtree user@host:/remotetree/ to rsync to a remote system over ssh, there are two rsync instances at work: the local one (started by you) and a remote one (started by the remote shell). Both instances communicate via pipes through the remote shell.

The process is described here.

Which means that, when connecting to a remote system with rsync through ssh, scanning remote files is handled by the remote rsync "server" (not to be confused with the rsyncd daemon) instance so it is just as effective as scanning locally.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .