You are here:

Home > Support > Technical Documents > Using Rsync over SSL

Print this page

Technical Documents

Why use Rsync over SSL?

If you want to use our rsync backup service you should be aware that your data is sent across the network unencrypted. If your data is sensitive enough that you would rather this didn’t happen, but not sensitive enough that you don’t mind it being stored unencrypted then you should consider running rsync over SSL.

N.B. This is currently an experimental service; we would appreciate feedback on its usefulness.

Connecting

Rsync does not support SSL, but can be persuaded to by use of the stunnel tool (we use stunnel 3 in this example).

Our backup server listens on address joebloggs.backup.bytemark.co.uk, where joebloggs is the backup account name which usually the same as your VM or Dedicated Host’s account name, on port 8873. This script will start stunnel as a proxy on the client machine, run rsync across the proxy, then stop stunnel again.

#!/bin/sh                                            

PID=/var/run/rsync.stunnel.$$.pid          
PORT=3334

stunnel -c -d localhost:$PORT -r joebloggs.backup.bytemark.co.uk:8873 -P $PID
sleep 0.5

RSYNC_PASSWORD=123456 rsync \
  --relative --archive --port=$PORT\
  /home /etc /other/directories/to/backup
  mymachine-backup@localhost::myuser-backup/

kill `cat $PID`

Note that this script will not handle anything going wrong very gracefully, and
that rsync thinks that it’s talking to a server on the local machine.

“We rent a dedicated server from Bytemark to run an extranet for our customer. We are now on our second server having upgraded and we've been impressed with the service we've received.”

Paul Oldham
The Hug

Control Panel

News from our company, and our opinions on emerging technologies.

Control Panel

A 4GiB dedicated server with RAID1 for £69.00 per month - control and isolation for less!

Built by handBuilt by hand

Because we build our servers by hand, you get high power, low cost, and excellent build quality.