You are here:

Home > Support > Technical Documents > Using Rsync over SSL

Print this page

Technical Documents

Why use Rsync over SSL?

If you want to use our rsync backup service you should be aware that your data is sent across the network unencrypted. If your data is sensitive enough that you would rather this didn’t happen, but not sensitive enough that you don’t mind it being stored unencrypted then you should consider running rsync over SSL.

N.B. This is currently an experimental service; we would appreciate feedback on its usefulness.

Connecting

Rsync does not support SSL, but can be persuaded to by use of the stunnel tool (we use stunnel 3 in this example).

Our backup server listens on address joebloggs.backup.bytemark.co.uk, where joebloggs is the backup account name which usually the same as your VM or Dedicated Host’s account name, on port 8873. This script will start stunnel as a proxy on the client machine, run rsync across the proxy, then stop stunnel again.

#!/bin/sh                                            

PID=/var/run/rsync.stunnel.$$.pid          
PORT=3334

stunnel -c -d localhost:$PORT -r joebloggs.backup.bytemark.co.uk:8873 -P $PID
sleep 0.5

RSYNC_PASSWORD=123456 rsync \
  --relative --archive --port=$PORT\
  /home /etc /other/directories/to/backup
  mymachine-backup@localhost::myuser-backup/

kill `cat $PID`

Note that this script will not handle anything going wrong very gracefully, and
that rsync thinks that it’s talking to a server on the local machine.

“I just want to say a big thank you for the support and excellent service I've had from Bytemark over the last 12 months. Nothing else I've seen comes close to what you offer, especially the personal touch.”

Gary Heaton
Usable IT

Premium Dedicated Premium Dedicated

Our premium dedicated servers, built to order by HP, will deliver the highest possible uptime.

The TeamThe Team

Find out about the experienced and excellent staff who make up the Bytemark team.

forumForum

Discuss server, system administration and hosting problems on our customer forum.