RSYNC through SSH Tunnel

After changing ISP (had no choice), I realized that one of the projects I support as mirror, was blocked (IP level).

I was unable to run a rsync from this project to my local server. So this is where I decided to leverage another server as intermediary, using a SSH tunnel.


SSH Tunneling is quite basic to understand. You have a computer A that wants to reach the computer B. You do it through computer C, through SSH. The advantage (or disadvantage, depending on what you are looking for) is that you can easily script a SSH tunneling or set it up just for 1 service.

In my case, I have several RSYNC task in parallel for different projects. I just wanted 1 rsync script to use my SSH tunnel.


How to do it?



Well first, you need to have access to another server (that can access the server you want to reach) and have SSH access there.


1) On the intermediary server, install Netcat

The intermediate server that will be used to do the SSH tunnel, will require netcat. On the machine, simply run:

sudo apt-get install netcat


2) Enable passwordless authentification

To enable passwordless authentication from your server to the intermediary server, you need to add your SSH key as authorized key on the intermediary server.

If you don’t have a SSH key, on your server, simply run:


to generate a SSH key.

Then, you need to copy this key to the intermediary server’s authorized key. Still on your server, run:

ssh-copy-id -i ~/.ssh/key user@intermediaryhost

Make sure you use the right .ssh/key filename and the right ssh credentials of the intermediaryhost.

If all goes well, you should be able to connect, passwordless to your intermediary host. To test, simply run:

ssh user@intermediaryhost


3) Run Rsync through the SSH tunnel

You probably want to have your SSH tunnel used only when RSYNC is running. And the good news is that Rsync support this very well. You need to use the RSYNC_CONNECT_PROG environment.

On your server, you can run it in a single command line like this:

RSYNC_CONNECT_PROG='ssh -l user intermediaryhost nc %H 873' rsync -av --progress /media/Stockage/Mirrors/Tails

Of course, replace user and intermediaryhost by your SSH tunnel user and host and then complete the rsync command like you usually do.


That’s it!


Loves to discover web-based apps to install on his own server@home and write articles about it


Add a comment