GSP/Panel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Panel/Agent-Windows/OGP64/usr/share/doc/rsync/rsync-ssl.1.html
iaretechnician 413c315806 Added Cyg-Win
2026-06-06 18:46:40 -04:00

154 lines
7.7 KiB
HTML
Raw Blame History

<html><head>
<title>rsync-ssl(1) manpage</title>
<meta charset="UTF-8"/>
<link href="https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Mono&display=swap" rel="stylesheet">
<style>
body {
max-width: 50em;
margin: auto;
}
body, b, strong, u {
font-family: 'Roboto', sans-serif;
}
a.tgt { font-face: symbol; font-weight: 400; font-size: 70%; visibility: hidden; text-decoration: none; color: #ddd; padding: 0 4px; border: 0; }
a.tgt:after { content: '🔗'; }
a.tgt:hover { color: #444; background-color: #eaeaea; }
h1:hover > a.tgt, h2:hover > a.tgt, h3:hover > a.tgt, dt:hover > a.tgt { visibility: visible; }
code {
font-family: 'Roboto Mono', monospace;
font-weight: bold;
white-space: pre;
}
pre code {
display: block;
font-weight: normal;
}
blockquote pre code {
background: #f1f1f1;
}
dd p:first-of-type {
margin-block-start: 0em;
}
</style>
</head><body>
<h2 id="NAME">NAME<a href="#NAME" class="tgt"></a></h2>
<p>rsync-ssl -&#8288; a helper script for connecting to an ssl rsync daemon</p>
<h2 id="SYNOPSIS">SYNOPSIS<a href="#SYNOPSIS" class="tgt"></a></h2>
<pre><code>rsync-ssl [--type=SSL_TYPE] RSYNC_ARGS
</code></pre>
<p>The online version of this manpage (that includes cross-linking of topics)
is available at <a href="https://download.samba.org/pub/rsync/rsync-ssl.1">https://download.samba.org/pub/rsync/rsync-ssl.1</a>.</p>
<h2 id="DESCRIPTION">DESCRIPTION<a href="#DESCRIPTION" class="tgt"></a></h2>
<p>The rsync-ssl script helps you to run an rsync copy to/from an rsync daemon
that requires ssl connections.</p>
<p>The script requires that you specify an rsync-daemon arg in the style of either
<code>hostname::</code> (with 2 colons) or <code>rsync://hostname/</code>. The default port used for
connecting is 874 (one higher than the normal 873) unless overridden in the
environment. You can specify an overriding port via <code>--port</code> or by including
it in the normal spot in the URL format, though both of those require your
rsync version to be at least 3.2.0.</p>
<h2 id="OPTIONS">OPTIONS<a href="#OPTIONS" class="tgt"></a></h2>
<p>If the <strong>first</strong> arg is a <code>--type=SSL_TYPE</code> option, the script will only use
that particular program to open an ssl connection instead of trying to find an
openssl or stunnel executable via a simple heuristic (assuming that the
<code>RSYNC_SSL_TYPE</code> environment variable is not set as well&nbsp;-&#8288;-&#8288; see below). This
option must specify one of <code>openssl</code> or <code>stunnel</code>. The equal sign is
required for this particular option.</p>
<p>All the other options are passed through to the rsync command, so consult the
<strong>rsync</strong>(1) manpage for more information on how it works.</p>
<h2 id="ENVIRONMENT_VARIABLES">ENVIRONMENT VARIABLES<a href="#ENVIRONMENT_VARIABLES" class="tgt"></a></h2>
<p>The ssl helper scripts are affected by the following environment variables:</p>
<dl>
<dt id="RSYNC_SSL_TYPE"><code>RSYNC_SSL_TYPE</code><a href="#RSYNC_SSL_TYPE" class="tgt"></a></dt><dd>
<p>Specifies the program type that should be used to open the ssl connection.
It must be one of <code>openssl</code> or <code>stunnel</code>. The <code>--type=SSL_TYPE</code> option
overrides this, when specified.</p>
</dd>
<dt id="RSYNC_SSL_PORT"><code>RSYNC_SSL_PORT</code><a href="#RSYNC_SSL_PORT" class="tgt"></a></dt><dd>
<p>If specified, the value is the port number that is used as the default when
the user does not specify a port in their rsync command. When not
specified, the default port number is 874. (Note that older rsync versions
(prior to 3.2.0) did not communicate an overriding port number value to the
helper script.)</p>
</dd>
<dt id="RSYNC_SSL_CERT"><code>RSYNC_SSL_CERT</code><a href="#RSYNC_SSL_CERT" class="tgt"></a></dt><dd>
<p>If specified, the value is a filename that contains a certificate to use
for the connection.</p>
</dd>
<dt id="RSYNC_SSL_KEY"><code>RSYNC_SSL_KEY</code><a href="#RSYNC_SSL_KEY" class="tgt"></a></dt><dd>
<p>If specified, the value is a filename that contains a key for the provided
certificate to use for the connection.</p>
</dd>
<dt id="RSYNC_SSL_CA_CERT"><code>RSYNC_SSL_CA_CERT</code><a href="#RSYNC_SSL_CA_CERT" class="tgt"></a></dt><dd>
<p>If specified, the value is a filename that contains a certificate authority
certificate that is used to validate the connection.</p>
</dd>
<dt id="RSYNC_SSL_OPENSSL"><code>RSYNC_SSL_OPENSSL</code><a href="#RSYNC_SSL_OPENSSL" class="tgt"></a></dt><dd>
<p>Specifies the openssl executable to run when the connection type is set to
openssl. If unspecified, the $PATH is searched for &quot;openssl&quot;.</p>
</dd>
<dt id="RSYNC_SSL_GNUTLS"><code>RSYNC_SSL_GNUTLS</code><a href="#RSYNC_SSL_GNUTLS" class="tgt"></a></dt><dd>
<p>Specifies the gnutls-cli executable to run when the connection type is set
to gnutls. If unspecified, the $PATH is searched for &quot;gnutls-cli&quot;.</p>
</dd>
<dt id="RSYNC_SSL_STUNNEL"><code>RSYNC_SSL_STUNNEL</code><a href="#RSYNC_SSL_STUNNEL" class="tgt"></a></dt><dd>
<p>Specifies the stunnel executable to run when the connection type is set to
stunnel. If unspecified, the $PATH is searched first for &quot;stunnel4&quot; and
then for &quot;stunnel&quot;.</p>
</dd>
</dl>
<h2 id="EXAMPLES">EXAMPLES<a href="#EXAMPLES" class="tgt"></a></h2>
<blockquote>
<pre><code>rsync-ssl -aiv example.com::mod/ dest
</code></pre>
</blockquote>
<blockquote>
<pre><code>rsync-ssl --type=openssl -aiv example.com::mod/ dest
</code></pre>
</blockquote>
<blockquote>
<pre><code>rsync-ssl -aiv --port 9874 example.com::mod/ dest
</code></pre>
</blockquote>
<blockquote>
<pre><code>rsync-ssl -aiv rsync://example.com:9874/mod/ dest
</code></pre>
</blockquote>
<h2 id="THE_SERVER_SIDE">THE SERVER SIDE<a href="#THE_SERVER_SIDE" class="tgt"></a></h2>
<p>For help setting up an SSL/TLS supporting rsync, see the <a href="rsyncd.conf.5#SSL_TLS_Daemon_Setup">instructions in
rsyncd.conf</a>.</p>
<h2 id="SEE_ALSO">SEE ALSO<a href="#SEE_ALSO" class="tgt"></a></h2>
<p><a href="rsync.1"><strong>rsync</strong>(1)</a>, <a href="rsyncd.conf.5"><strong>rsyncd.conf</strong>(5)</a></p>
<h2 id="CAVEATS">CAVEATS<a href="#CAVEATS" class="tgt"></a></h2>
<p>Note that using an stunnel connection requires at least version 4 of stunnel,
which should be the case on modern systems. Also, it does not verify a
connection against the CA certificate collection, so it only encrypts the
connection without any cert validation unless you have specified the
certificate environment options.</p>
<p>This script also supports a <code>--type=gnutls</code> option, but at the time of this
release the gnutls-cli command was dropping output, making it unusable. If
that bug has been fixed in your version, feel free to put gnutls into an
exported RSYNC_SSL_TYPE environment variable to make its use the default.</p>
<h2 id="BUGS">BUGS<a href="#BUGS" class="tgt"></a></h2>
<p>Please report bugs! See the web site at <a href="https://rsync.samba.org/">https://rsync.samba.org/</a>.</p>
<h2 id="VERSION">VERSION<a href="#VERSION" class="tgt"></a></h2>
<p>This manpage is current for version 3.3.0 of rsync.</p>
<h2 id="CREDITS">CREDITS<a href="#CREDITS" class="tgt"></a></h2>
<p>Rsync is distributed under the GNU General Public License. See the file
<a href="COPYING">COPYING</a> for details.</p>
<p>A web site is available at <a href="https://rsync.samba.org/">https://rsync.samba.org/</a>. The site includes an
FAQ-O-Matic which may cover questions unanswered by this manual page.</p>
<h2 id="AUTHOR">AUTHOR<a href="#AUTHOR" class="tgt"></a></h2>
<p>This manpage was written by Wayne Davison.</p>
<p>Mailing lists for support and development are available at
<a href="https://lists.samba.org/">https://lists.samba.org/</a>.</p>
<div style="float: right"><p><i>6 Apr 2024</i></p></div>
</body></html>
Reference in a new issue View git blame Copy permalink