Skip to content

Instantly share code, notes, and snippets.

@trendels
trendels / rsync_daemon_over_ssh.md
Last active July 25, 2024 20:42
Rsync daemon mode over ssh

rsync daemon mode over ssh

There are several common ways to do rsync backups of hosts over ssh:

  1. As a non-root user. Upsides: very secure. Downside: cannot back up sensitive files.
  2. As root, with a public key. Downsides: Whoever has the private key has full root access to the host being backed up.
  3. As root, with a public key and a "forced command". Upsides: Restricts access to the server. Downsides: Requires either careful matching of rsync options (which might change over time), or "validator" scripts. Neither idea sounds very appealing to me.
  4. Running rsync in daemon mode on the host being backed up. Upsides: Lots of useful options, like read-only mode, running as a different user if required, server-side excludes/includes, etc. Downsides: Opens up a TCP port that has full filesystem read access and is hard to secure (Ideally you could make the rsync daemon use a unix socket instead, that could be secured by filesystem permissions, but I haven't found a way to do that).

Here is another option t

How to install pandoc from source on CentOS 6.x

  • Make a directory for the Haskell installation, I like to use /opt/haskell:

    $ sudo mkdir /opt/haskell
    $ sudo chown $USER /opt/haskell
    
  • Install [GHC 7.6.3][1].