passwordless rsync?

[Suvayu Ali]

Hi Cameron,

On Fri, May 29, 2015 at 10:43:18AM +1000, Cameron Simpson wrote:
> On 29May2015 01:40, suvayu ali <fatkasuvayu+linux at gmail.com> wrote:
> >I think the magic incantation for me was command="somecommand" is
> >actually the whole command, with all the arguments.  From the man page,
> >this wasn't clear to me.  I was trying to setup passwordless root login
> >with PermitRootLogin set to forced-commands-only for backups with
> >rsnapshot.
> >
> >Btw, to allow multiple commands from the same host, I guess I should
> >have multiple lines for the same public key?  Also, any ideas what
> >should be the command to allow rsnapshot backups?  I guess I need to
> >figure out what are the arguments passed onto rsync by rsnapshot, and in
> >which order.
> 
> Might I also suggest you consider reading "man rsync", specificly the
> section "USING RSYNC-DAEMON FEATURES VIA A REMOTE-SHELL CONNECTION". In
> fact, the whole section starting at "CONNECTING TO AN RSYNC DAEMON"?
> 
> This details invoking rsync in daemon mode, which lets you use an
> rsyncd.conf file to control what is available (see "man rsyncd.conf").
> 
> Then you just put a suitable "rsync daemon mode with specified (or default)
> rsyncd.conf file" in the command="..." part of your authorized_keys file.
> 
> This may be a far more controllable and flexible way to give rsync access,
> because you can use the .conf file at the server end to decide what may be
> backed up, and the rsync command in all its glory at the client end to
> decide what to ask for in a given run.

For me the server does the pulling.  I could try to explore the option
where the backup is initiated by the client.  I'll look at these
options, thank you!

I have lot better idea how to progress now :).

Cheers, 

-- 
Suvayu

Open source is the future. It sets us free.