Backup Central

In trying to fix the problems I've been having with rsync, I
discovered that SSH has an option to create a secure tunnel between
the localhost and the server. (-L localport:host:hostport)

If I could somehow tell BackupPC to first set up a forwarded tunnel
and then connect to the local forwarded port instead of port 873 on
the host, I could use rsyncd (which I've verified works under win2k)
and still have a secure connection and not worry about anyone sniffing
my password.

Is this at all feasible? What would be the best way to do this? I'm
familiar with perl and I'm willing to submit a patch, but I don't know
where to begin. If anyone else has tried this please let me know.

Thanks!
--
Justin Guenther
IT Analyst
CrownAg International Inc.
250 Henderson Drive
Regina, SK, Canada S4N 5P7
Tel: (306) 522-8111
Email: justin.guenther < at > crownag.ca


-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/

Justin Guenther writes:

In trying to fix the problems I've been having with rsync, I
discovered that SSH has an option to create a secure tunnel between
the localhost and the server. (-L localport:host:hostport)

If I could somehow tell BackupPC to first set up a forwarded tunnel
and then connect to the local forwarded port instead of port 873 on
the host, I could use rsyncd (which I've verified works under win2k)
and still have a secure connection and not worry about anyone sniffing
my password.

Is this at all feasible? What would be the best way to do this? I'm
familiar with perl and I'm willing to submit a patch, but I don't know
where to begin. If anyone else has tried this please let me know.

You should set $Conf{RsyncClientCmd} to any script of your choice. That
script should setup the tunnel, and then run rsync connected to a local
port. Note that the tunnel should not connect stdin/stdout: rsync uses
stdin/stdout to talk to File::RsyncP in BackupPC.

Your script would have to handle the cases of interruption (eg: SIGINT)
and cleanly shut down the ssh tunnel.

Also, you might consider stunnel.

Craig


-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
BackupPC-users mailing list
BackupPC-users < at > lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/

On Mon, 2004-08-02 at 11:57, Craig Barratt wrote:

You should set $Conf{RsyncClientCmd} to any script of your choice. That
script should setup the tunnel, and then run rsync connected to a local
port. Note that the tunnel should not connect stdin/stdout: rsync uses
stdin/stdout to talk to File::RsyncP in BackupPC.

Your script would have to handle the cases of interruption (eg: SIGINT)
and cleanly shut down the ssh tunnel.

Also, you might consider stunnel.

Would it be possible to do this the other direction? I haven't needed
this badly enough to investigate yet, but it seems like it would be
useful to be able to start an ssh session from a remote client which
would set up a forwarding tunnel, tell BackupPC to run a backup using
a connection through localhost:forwarded_port, and wait until the
backup completes to disconnect. I guess this would also involve
a script to hold the pre-arranged connection details. Is there some
clever way that the ssh'd command could know when the backup had
completed? Making this simple in either direction should solve the
long-standing problem of running rsync under ssh on windows as well
as handling remote clients whose filewall/nat configuration only
permits outbound connections.

---
Les Mikesell
les < at > futuresource.com