Thanks, it worked nice !
Best regards
Johan
-------- Message d'origine--------
De: Julian Pace Ross [mailto:[EMAIL PROTECTED]]
Date: lun. 04/09/2006 10:14
À: BOYE Johan
Cc: rsync@lists.samba.org
Objet : Re: Rsync + SSH on a different port + restricted access
I found that adding the following at the beginning of the key on recv. side
works perfectly for me with any rsync command on the sending side.
from="10.1.1.1",command="/home/remoteuser/cron/validate-rsync" ssh-dss
AAAAB3Nza
C1kc3MAAAEBAKYJenaYvMG3nHwWxK... etc...
then create the file "validate-rsync" which should contain exactly this:
#!/bin/sh
case "$SSH_ORIGINAL_COMMAND" in
*\&*)
echo "Rejected"
;;
*\(*)
echo "Rejected"
;;
*\{*)
echo "Rejected"
;;
*\;*)
echo "Rejected"
;;
*\<*)
echo "Rejected"
;;
*\`*)
echo "Rejected"
;;
rsync\ --server*)
$SSH_ORIGINAL_COMMAND
;;
*)
echo "Rejected"
;;
esac
I got this from http://troy.jdmz.net/rsync/ in case you want to read the
whole article.
Hope this helps
Julian
On 04/09/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> Hello,
>
> I'm trying to setup Rsync over SSH with openSSH running port 2222 with a
> remote RSA public key authentification and a restricted shell to avoid the
> user to browse my server via SSH, only be able to run rsync server.
>
> 1) i've built a regular rsync server over TCP/873
> Worked fine, check my conf :
>
> motd file = /etc/rsyncd.motd
> log file = /var/log/rsyncd.log
> pid file = /var/run/rsyncd.pid
> lock file = /var/run/rsync.lock
> max connections = 2
> timeout = 300
>
> [mirror]
> path = /home/mirror
> comment = Rsync share for the Mirror
> uid = mirror
> gid = mirror
> read >
> list = yes
> auth users = mirror
> secrets file = /etc/rsyncd.secrets
>
>
> Works fine ! I can write on the remote /home/mirror, perfect ;)
>
>
>
> Then, i would like to run it over SSH port 2222
> rsync -avz --rsh='ssh -p2222' /home/foor/bar/ [EMAIL PROTECTED]
> :mirror/
>
> Still works fine ;)
>
> But my user can login in my box with SSH. So, after a couple of google, i
> found that i have to edit authorised_keys and put :
> command="rsync --daemon -vv --server ." ssh-rsa
> AAAAB3NzaC1...............
>
> But now, i have this error :
> $ rsync -avvvz --rsh='ssh -p2222' /home/foor/bar/ [EMAIL PROTECTED]
> :mirror/
> opening connection using ssh -p2222 -l mirror myrsyndserver rsync
> --server -vvvlogDtprz . mirror/
> rsync: connection unexpectedly closed (0 bytes received so far)
> [sender]
> rsync error: error in rsync protocol data stream (code 12) at io.c(463)
> [sender=2.6.8]
> _exit_cleanup(code=12, file=io.c, line=463): about to call exit(12)
>
>
> I tried with a zillion of different config in my authorized_keys, but it's
> still not working.
> Could you help me to find a solution please ?
>
> Best regards
>
>
> Johan
>
>
>
>
> --
> To unsubscribe or change options:
> https://lists.samba.org/mailman/listinfo/rsync
> Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html<http://www.catb.org/%7Eesr/faqs/smart-questions.html>
>
>
"Les informations contenues dans ce message électronique peuvent être de nature confidentielles et soumises à une obligation de secret. Elles sont destinées à l'usage exclusif du réel destinataire. Si vous n'êtes pas le réel destinataire, ou si vous recevez ce message par erreur, merci de le détruire immédiatement et de le notifier à son émetteur."
-- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html