1rsync-ssl(1)                     User Commands                    rsync-ssl(1)
2
3
4

NAME

6       rsync-ssl - a helper script for connecting to an ssl rsync daemon
7

SYNOPSIS

9       rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
10
11       The online version of this manpage (that includes cross-linking of top‐
12       ics) is available at https://download.samba.org/pub/rsync/rsync-ssl.1.
13

DESCRIPTION

15       The rsync-ssl script helps you to run an rsync copy  to/from  an  rsync
16       daemon that requires ssl connections.
17
18       The  script  requires that you specify an rsync-daemon arg in the style
19       of either hostname:: (with 2 colons) or rsync://hostname/.  The default
20       port used for connecting is 874 (one higher than the normal 873) unless
21       overridden in the environment.  You can specify an overriding port  via
22       --port  or by including it in the normal spot in the URL format, though
23       both of those require your rsync version to be at least 3.2.0.
24

OPTIONS

26       If the first arg is a --type=SSL_TYPE option, the script will only  use
27       that  particular program to open an ssl connection instead of trying to
28       find an openssl or stunnel executable via a simple heuristic  (assuming
29       that  the RSYNC_SSL_TYPE environment variable is not set as well -- see
30       below).  This option must specify one of openssl or stunnel.  The equal
31       sign is required for this particular option.
32
33       All  the other options are passed through to the rsync command, so con‐
34       sult the rsync(1) manpage for more information on how it works.
35

ENVIRONMENT VARIABLES

37       The ssl helper scripts are affected by the following environment  vari‐
38       ables:
39
40       RSYNC_SSL_TYPE
41              Specifies  the  program type that should be used to open the ssl
42              connection.   It  must  be  one  of  openssl  or  stunnel.   The
43              --type=SSL_TYPE option overrides this, when specified.
44
45       RSYNC_SSL_PORT
46              If  specified,  the value is the port number that is used as the
47              default when the user does not specify a  port  in  their  rsync
48              command.   When  not  specified, the default port number is 874.
49              (Note that older rsync versions (prior to 3.2.0) did not  commu‐
50              nicate an overriding port number value to the helper script.)
51
52       RSYNC_SSL_CERT
53              If  specified,  the value is a filename that contains a certifi‐
54              cate to use for the connection.
55
56       RSYNC_SSL_KEY
57              If specified, the value is a filename that contains  a  key  for
58              the provided certificate to use for the connection.
59
60       RSYNC_SSL_CA_CERT
61              If  specified,  the value is a filename that contains a certifi‐
62              cate authority certificate that is used to validate the  connec‐
63              tion.
64
65       RSYNC_SSL_OPENSSL
66              Specifies the openssl executable to run when the connection type
67              is set to openssl.  If unspecified, the $PATH  is  searched  for
68              "openssl".
69
70       RSYNC_SSL_GNUTLS
71              Specifies  the  gnutls-cli executable to run when the connection
72              type is set to gnutls.  If unspecified, the  $PATH  is  searched
73              for "gnutls-cli".
74
75       RSYNC_SSL_STUNNEL
76              Specifies the stunnel executable to run when the connection type
77              is set to stunnel.  If unspecified, the $PATH is searched  first
78              for "stunnel4" and then for "stunnel".
79

EXAMPLES

81           rsync-ssl -aiv example.com::mod/ dest
82
83           rsync-ssl --type=openssl -aiv example.com::mod/ dest
84
85           rsync-ssl -aiv --port 9874 example.com::mod/ dest
86
87           rsync-ssl -aiv rsync://example.com:9874/mod/ dest
88

SEE ALSO

90       rsync(1), rsyncd.conf(5)
91

CAVEATS

93       Note  that  using  an stunnel connection requires at least version 4 of
94       stunnel, which should be the case on modern systems.  Also, it does not
95       verify  a  connection against the CA certificate collection, so it only
96       encrypts the connection without any cert  validation  unless  you  have
97       specified the certificate environment options.
98
99       This  script  also  supports a --type=gnutls option, but at the time of
100       this release the gnutls-cli command was dropping output, making it  un‐
101       usable.   If  that bug has been fixed in your version, feel free to put
102       gnutls into an exported RSYNC_SSL_TYPE environment variable to make its
103       use the default.
104

BUGS

106       Please report bugs! See the web site at https://rsync.samba.org/.
107

VERSION

109       This manpage is current for version 3.2.4 of rsync.
110

CREDITS

112       Rsync  is  distributed  under  the GNU General Public License.  See the
113       file COPYING for details.
114
115       A web site is available at https://rsync.samba.org/.  The site includes
116       an  FAQ-O-Matic  which  may  cover  questions unanswered by this manual
117       page.
118

AUTHOR

120       This manpage was written by Wayne Davison.
121
122       Mailing  lists  for  support   and   development   are   available   at
123       https://lists.samba.org/.
124
125
126
127rsync-ssl from rsync 3.2.4        15 Apr 2022                     rsync-ssl(1)
Impressum