Hi everyone,

Thanks for all the ideas! Meanwhile, I’ve made some progress because there was 
another answer on "ask ubuntu" that got absolutely no interaction but that is a 
brilliant solution:

https://askubuntu.com/a/1263657 :

> just create a wrapper script for the ssh command.
> ssh_sudo:
> {
>   echo $PASSWORD;
>   cat - ;
> } | ssh $* &
>
> At first, this passes the password to the ssh client's sudo process in order 
> to start rsync on the remote side. Next all input coming from the local rsync 
> is piped to ssh.
> Finally call rsync e.g. with:
> PASSWORD=<SUDOPASS> rsync -avzue ssh_sudo --rsync-path "sudo -S rsync" SRC DST
>
> I guess the security aspect here is not that bad, you'll only have to save 
> the password locally as env var. Reading it from a file should work as well...


As it doesn’t need an argpass-script on the target side, but uses a wrapper for 
ssh on the HOST side to inject the password from an environment variable, it’s 
pretty convenient for my use case. Plus, there’s the added bonus of not having 
the password logged anywhere.

Ideally, I would now like to get rid of the helper script, so it’s a single 
rsync command that is left. I’m struggling with this but there’ll hopefully be 
some bash quoting wizards that can tell me where the issue is.

My (non-working) attempt:

PASSWORD=<SUDOPASS> rsync -vv --delete-after --delay-updates '/bin/sh -c "{ 
echo $PASSWORD; cat - ; } | ssh -i ~/.ssh/id.key $* &"' --rsync-path='sudo -S 
rsync' ./SRCDIR USER@HOST:DSTDIR

This gets mangled by rsync in some non-working way, but I actually don’t 
understand enough of shell magic to solve this:

opening connection using: /bin/sh -c "{ echo $PASSWORD; cat - ; } | ssh -i 
~/.ssh/id.key $* &" -l USER HOST "sudo -S rsync" --server -vvvlDtrze.iLsfxCIvu 
"--log-format=%i" --delete-after --delay-updates . DESTDIR  (14 args)
ssh: Could not resolve hostname USER: nodename nor servname provided, or not 
known
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(228) 
[sender=3.2.3]

So it seems the "-l" is dropped into the void letting ssh assume USER was the 
target host? I don’t actually get what I can do.

Anyway, I think the original answer on "ask ubuntu" is quite helpful. 
Unfortunately, I don’t have enough „reputation points“ to upvote the answer nor 
to comment …

Happy syncing,
Mark
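
Why "-l" disappears, as an added example that is not part of Mark's message or the quoted answer: sh -c assigns the first word after its script to $0, and $* only covers $1 onward. Here printf stands in for ssh, the placeholder name ssh_sudo is an assumption, and the argument list is constructed (shortened) from the debug output above.

```shell
#!/bin/sh
# Added example. printf stands in for ssh and prints each argument it receives
# in brackets, so nothing connects anywhere. The trailing words are constructed
# from the "opening connection using:" line in the message (list shortened);
# "sudo -S rsync" is a single word there.
run() {  # $1 = script for sh -c; $2... = words placed before rsync's words
    script=$1; shift
    sh -c "$script" "$@" -l USER HOST "sudo -S rsync" --server . DSTDIR
}

# 1. As in the attempt: rsync's words follow the script directly. sh -c takes
#    the first one ("-l") as $0, so $* begins at USER and ssh treats USER as
#    the host name.
as_posted() { run 'printf "[%s]" $*; echo'; }

# 2. A placeholder word (hypothetical name "ssh_sudo") fills $0, so "-l"
#    survives, but unquoted $* re-splits "sudo -S rsync" into three words.
with_placeholder() { run 'printf "[%s]" $*; echo' ssh_sudo; }

# 3. Placeholder plus "$@": every word arrives exactly as rsync passed it.
with_placeholder_quoted() { run 'printf "[%s]" "$@"; echo' ssh_sudo; }

as_posted
with_placeholder
with_placeholder_quoted
```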
