Difference between revisions of "Rsyncd setup on a windows computer for use with Affa backup"
m |
|||
Line 81: | Line 81: | ||
==== Configuring the rsyncd Service ==== | ==== Configuring the rsyncd Service ==== | ||
− | Create the /etc/rsyncd. | + | Create the /etc/rsyncd.secrets file and add the user affa with password '''secretword''' separated by a colon. Replace the placeholder '''secretword''' by a strong password. |
affa:'''secretword''' | affa:'''secretword''' | ||
Line 120: | Line 120: | ||
rsync -av affa@IP_ADDRESS::'AFFA/' | rsync -av affa@IP_ADDRESS::'AFFA/' | ||
You should receive a file list of all your drives. | You should receive a file list of all your drives. | ||
− | |||
=== Security === | === Security === |
Revision as of 15:28, 15 January 2008
Purpose
Using Cygwin rsync on a Windows computer to backup it remotely over ssh does not work as the Cygwin rsync process hangs. This problem has been reported frequently but was not solved yet. The only known workaround is running the rsync daemon.
This document describes the installation and configuration of the rsync daemon in the cygwin environment on a Windows XP computer for the purpose to backup data using the Affa backup software.
Installation
Login as Administrator and create a folder C:\cygwin. Save http://cygwin.com/setup.exe to this folder and run it:
Select a nearby mirror
Select the packages to install (in addtion to the already selected defaults):
- from category Net: openssh, rsync
- from category Editor: vim (or any other editor of your choice)
Configuration
Run the Cygwin Bash Shell from the Start Menu.
Configuring the sshd Service
Run the sshd configuration script.
ssh-host-config
You are asked a few questions. Answer them as shown in the script dialog below (in bold text).
Generating /etc/ssh_host_key Generating /etc/ssh_host_rsa_key Generating /etc/ssh_host_dsa_key Generating /etc/ssh_config file Privilege separation is set to yes by default since OpenSSH 3.3. However, this requires a non-privileged account called 'sshd'. For more info on privilege separation read /usr/share/doc/openssh/README.privsep. Should privilege separation be used? (yes/no) yes Warning: The following function requires administrator privileges! Should this script create a local user 'sshd' on this machine? (yes/no) yes Generating /etc/sshd_config file Added ssh to C:\WINDOWS\system32\drivers\etc\services Warning: The following functions require administrator privileges! Do you want to install sshd as service? (Say "no" if it's already installed as service) (yes/no) yes Which value should the environment variable CYGWIN have when sshd starts? It's recommended to set at least "ntsec" to be able to change user context without password. Default is "ntsec". CYGWIN= The service has been installed under LocalSystem account. Host configuration finished. Have fun!
Start the sshd service
net start sshd
Don't forget to open port 22 in the Windows firewall.
Testing
ssh Administrator@localhost
Configuring the rsyncd Service
Create the /etc/rsyncd.secrets file and add the user affa with password secretword separated by a colon. Replace the placeholder secretword by a strong password.
affa:secretword
Set secure permissions on /etc/rsyncd.secrets
chown 18.544 /etc/rsyncd.secrets chmod 660 /etc/rsyncd.secrets
Create the /etc/rsyncd.conf configuration file. Replace the placeholder AFFA_IP by the ip address of your Affa server.
gid = 544 uid = 18 hosts allow = AFFA_IP auth users = affa secrets file = /etc/rsyncd.secrets strict modes = true read only = true use chroot = no transfer logging = true log format = %h %o %f %l %b log file = /var/log/rsyncd.log [AFFA] path = /cygdrive comment = cygdrive root dir
Uid 18 is the userid of the System account, gid 544 is the groupid of the Administrators group.
Install rsyncd as a service.
cygrunsrv --install "rsyncd" --path /usr/bin/rsync --args "--daemon --no-detach" \ --desc "Starts a rsync daemon for accepting incoming rsync connections" \ --disp "Rsync Daemon" --type auto
Start the rsyncd service
net start rsyncd
Don't forget to open port 873 in the Windows firewall.
Testing
Login the Affa server and run the following command, where IP_ADDRESS is the IP address of the Windows computer.
rsync -av affa@IP_ADDRESS::'AFFA/'
You should receive a file list of all your drives.
Security
The rsync daemon protocol does not provide any encryption of the data that is transferred over the connection. Use it only in the local net or VPN.