I have set this up in Xenial/Bionic/Eoan The following syncs nicely a dir created as root to need the sudo to read it:
$ rsync -AEaogt --rsync-path="sudo rsync" -e "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" /tmp/foo ubuntu@10.253.194.115:/tmp This works among all pairs and cross releases. Now lets brainstorm what might happen in your case ... I have: 1. setup rsync to be sudo enabled without PW in /etc/sudoers %sudo ALL= NOPASSWD:/usr/bin/rsync 2. then I exchanged ssh keys between all nodes That got it working, no more needed. Did you use the same sudoers hint to make it PW-less? I have read through your log twice but can't find anything obvious. You could try to set up another user special to this use case. And let that user have no .bashrc nor anything else (maybe the login with rsync triggers a different path and there you have output). At least that would be an easy try. Most things you find on the net about this is about clearing the non interactive login, but I think you have done that. What might be worth to take a look is dropping strict host keycheck option and really make sure all keys are accepted - maybe something with that is going on in the background? ** Changed in: rsync (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsync in Ubuntu. https://bugs.launchpad.net/bugs/1831101 Title: rsync with remote sudo fails over ssh/pki with protocol mismatch error Status in rsync package in Ubuntu: Incomplete Bug description: rsync with remote sudo fails over ssh on Ubuntu Mate 18.04.2 rsync version 3.1.2 protocol version 31 - same on local and remote OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017 - same on local and remote I have checked for spurious output from .bashrc using $ ssh user@host /bin/true > out.dat which results in $ ls -l *.dat -rw-rw-r-- 1 user user 0 May 22 23:33 out.dat -- The [redacted] command is rsync -AEavvvogt --rsync-path="sudo rsync" --debug=CONNECT -e "ssh -i /home/xxx/.ssh/id_rsa -tt -v -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" --exclude-from=/home/xxx/backup.exclude --delete --link-dest=../$lastdt /etc $dest/$dt -- The [redacted] output is opening connection using: ssh -i /home/user/.ssh/id_rsa -tt -v -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -l user xxx "sudo rsync" --server -vvvlogDtpAre.iLsfxC --delete --link-dest ../20190506_021137 . /home/backups/xxx/20190522_232738 (20 args) OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to xxx [192.168.1.120] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /home/user/.ssh/id_rsa type 0 debug1: key_load_public: No such file or directory debug1: identity file /home/user/.ssh/id_rsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000 debug1: Authenticating to xxx:22 as 'user' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: <email address hidden> MAC: <implicit> compression: none debug1: kex: client->server cipher: <email address hidden> MAC: <implicit> compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: xxx Warning: Permanently added 'xxx,192.168.1.120' (ECDSA) to the list of known hosts. debug1: rekey after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 134217728 blocks debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa- sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384 ,ecdsa-sha2-nistp521> debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering public key: RSA SHA256:xxx /home/user/.ssh/id_rsa debug1: Server accepts key: xxx debug1: Authentication succeeded (publickey). Authenticated to xxx ([192.168.1.120]:22). debug1: channel 0: new [client-session] debug1: Requesting <email address hidden> debug1: Entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype <email address hidden> want_reply 0 debug1: tty_make_modes: no fd or tio debug1: Sending environment. debug1: Sending env LANG = en_GB.UTF-8 debug1: Sending command: sudo rsync --server -vvvlogDtpAre.iLsfxC --delete --link-dest ../20190506_021137 . /home/backups/xxx/20190522_232738 protocol version mismatch -- is your shell clean? (see the rsync man page for an explanation) rsync error: protocol incompatibility (code 2) at compat.c(178) [sender=3.1.2] [sender] _exit_cleanup(code=2, file=compat.c, line=178): about to call exit(2) ------------------------------------------------------- /etc/sudoers contains user ALL= NOPASSWD:/usr/bin/rsync ...which I have tried placing above (as is the default) and below lines beginning %admin and %sudo and the space in "ALL= NOPASSWD..." doesn't seem to make any difference I followed the instructions at https://www.digitalocean.com/community/tutorials/how-to-copy-files- with-rsync-over-ssh https://askubuntu.com/questions/719439/using-rsync-with-sudo-on-the- destination-machine ...which worked on 16.04, so I wonder if there may be a bug, although grateful for any other suggestions, as I am unsure how to debug/investigate further To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/1831101/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp