I'm trying to implement backups using rsync and scponly, but they don't seem to be working well together. Rsync to a regular user works fine, sftp and scp to scponly work fine, but I can't rsync to the scponly user. I have rsync set up on both machines, and a test user with the following user data on the remote machine.
All the software is installed via an up to date ports tree, and scponly was indeed installed with rsync support. I'm aware of alternatives I could use to do this but I want to know why specifically this isn't working. I've spent the past few hours (not sleeping and) trying to figure out why this is failing. There doesn't seem to be very much discussion on this kind of setup, and the only real lead I found refers to a bug that was fixed several years ago.
Trying to use rsync to push data to the remote machine fails as follows:
The following error message appears in auth.log on the remote machine
Thanks for any insight into this.
Code:
bacman:*:1002:1002:User &:/home/backups:/usr/local/sbin/scponlyc
All the software is installed via an up to date ports tree, and scponly was indeed installed with rsync support. I'm aware of alternatives I could use to do this but I want to know why specifically this isn't working. I've spent the past few hours (not sleeping and) trying to figure out why this is failing. There doesn't seem to be very much discussion on this kind of setup, and the only real lead I found refers to a bug that was fixed several years ago.
Trying to use rsync to push data to the remote machine fails as follows:
Code:
roy@eressea:roy$ rsync -ave ssh --delete --numeric-ids testdata bacman@beleriand:/home/backups/incoming
You shall not pass
Password:
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(600) [sender=3.0.6]
The following error message appears in auth.log on the remote machine
Code:
Oct 10 16:28:47 beleriand scponly[86939]: option 'e' or a related long option is not permitted for use with /usr/local/bin/rsync (arg was .iL)
(username: bacman(1002), IP/port: xxx.xxx.xxx.xxx 63172 22))
Oct 10 16:28:47 beleriand scponly[86939]: requested command (/usr/local/bin/rsync --server -vlogDtpre.iL --delete --numeric-ids . /home/backups
/incoming) tried to use disallowed argument (username: bacman(1002), IP/port: xxx.xxx.xxx.xxx 63172 22))
Thanks for any insight into this.