1rsync-ssl(1)                     User Commands                    rsync-ssl(1)
2
3
4

NAME

6       rsync-ssl - a helper script for connecting to an ssl rsync daemon
7

SYNOPSIS

9       rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
10
11       The online version of this manpage (that includes cross-linking of top‐
12       ics) is available at https://download.samba.org/pub/rsync/rsync-ssl.1.
13

DESCRIPTION

15       The rsync-ssl script helps you to run an rsync copy  to/from  an  rsync
16       daemon that requires ssl connections.
17
18       The  script  requires that you specify an rsync-daemon arg in the style
19       of either hostname:: (with 2 colons) or rsync://hostname/.  The default
20       port used for connecting is 874 (one higher than the normal 873) unless
21       overridden in the environment.  You can specify an overriding port  via
22       --port  or by including it in the normal spot in the URL format, though
23       both of those require your rsync version to be at least 3.2.0.
24

OPTIONS

26       If the first arg is a --type=SSL_TYPE option, the script will only  use
27       that  particular program to open an ssl connection instead of trying to
28       find an openssl or stunnel executable via a simple heuristic  (assuming
29       that  the RSYNC_SSL_TYPE environment variable is not set as well -- see
30       below).  This option must specify one of openssl or stunnel.  The equal
31       sign is required for this particular option.
32
33       All  the other options are passed through to the rsync command, so con‐
34       sult the rsync(1) manpage for more information on how it works.
35

ENVIRONMENT VARIABLES

37       The ssl helper scripts are affected by the following environment  vari‐
38       ables:
39
40       RSYNC_SSL_TYPE
41              Specifies  the  program type that should be used to open the ssl
42              connection.   It  must  be  one  of  openssl  or  stunnel.   The
43              --type=SSL_TYPE option overrides this, when specified.
44
45       RSYNC_SSL_PORT
46              If  specified,  the value is the port number that is used as the
47              default when the user does not specify a  port  in  their  rsync
48              command.   When  not  specified, the default port number is 874.
49              (Note that older rsync versions (prior to 3.2.0) did not  commu‐
50              nicate an overriding port number value to the helper script.)
51
52       RSYNC_SSL_CERT
53              If  specified,  the value is a filename that contains a certifi‐
54              cate to use for the connection.
55
56       RSYNC_SSL_KEY
57              If specified, the value is a filename that contains  a  key  for
58              the provided certificate to use for the connection.
59
60       RSYNC_SSL_CA_CERT
61              If  specified,  the value is a filename that contains a certifi‐
62              cate authority certificate that is used to validate the  connec‐
63              tion.
64
65       RSYNC_SSL_OPENSSL
66              Specifies the openssl executable to run when the connection type
67              is set to openssl.  If unspecified, the $PATH  is  searched  for
68              "openssl".
69
70       RSYNC_SSL_GNUTLS
71              Specifies  the  gnutls-cli executable to run when the connection
72              type is set to gnutls.  If unspecified, the  $PATH  is  searched
73              for "gnutls-cli".
74
75       RSYNC_SSL_STUNNEL
76              Specifies the stunnel executable to run when the connection type
77              is set to stunnel.  If unspecified, the $PATH is searched  first
78              for "stunnel4" and then for "stunnel".
79

EXAMPLES

81           rsync-ssl -aiv example.com::mod/ dest
82
83           rsync-ssl --type=openssl -aiv example.com::mod/ dest
84
85           rsync-ssl -aiv --port 9874 example.com::mod/ dest
86
87           rsync-ssl -aiv rsync://example.com:9874/mod/ dest
88

THE SERVER SIDE

90       For  help  setting up an SSL/TLS supporting rsync, see the instructions
91       in rsyncd.conf.
92

SEE ALSO

94       rsync(1), rsyncd.conf(5)
95

CAVEATS

97       Note that using an stunnel connection requires at least  version  4  of
98       stunnel, which should be the case on modern systems.  Also, it does not
99       verify a connection against the CA certificate collection, so  it  only
100       encrypts  the  connection  without  any cert validation unless you have
101       specified the certificate environment options.
102
103       This script also supports a --type=gnutls option, but at  the  time  of
104       this  release the gnutls-cli command was dropping output, making it un‐
105       usable.  If that bug has been fixed in your version, feel free  to  put
106       gnutls into an exported RSYNC_SSL_TYPE environment variable to make its
107       use the default.
108

BUGS

110       Please report bugs! See the web site at https://rsync.samba.org/.
111

VERSION

113       This manpage is current for version 3.2.7 of rsync.
114

CREDITS

116       Rsync is distributed under the GNU General  Public  License.   See  the
117       file COPYING for details.
118
119       A web site is available at https://rsync.samba.org/.  The site includes
120       an FAQ-O-Matic which may cover  questions  unanswered  by  this  manual
121       page.
122

AUTHOR

124       This manpage was written by Wayne Davison.
125
126       Mailing   lists   for   support   and   development  are  available  at
127       https://lists.samba.org/.
128
129
130
131rsync-ssl from rsync 3.2.7        20 Oct 2022                     rsync-ssl(1)
Impressum