I'd like to use rsync over openvpn to copy some files as root from one server to another, all on the same LAN (i.e., not over the Internet). Both servers are running Wheezy. I could do this over ssh, but I'd prefer not to because I want to keep ssh root access disabled. The VPN is working - e.g., from the client I can successfully ping the server's openvpn IP (and I can connect over the Internet using the VPN ip and VNC, though again for this use case I want to copy files on my LAN behind my firewall). However, when I try rsync, I get an error "connection over port 22 refused". Q: is this a problem with my rsync syntax and what syntax should I use, or with this approach do I need to setup the rsync daemon on the server? Rsync without the daemon seems to assume the use of ssh.
Thanks!
This page has a pretty decent (and brief) description of the steps you need to take on Debian Wheezy.
http://www.server-world.info/en/note?os=Debian_7.0&p=rsync
Note that when you're using the rsync daemon (as opposed to rsync over ssh) you use hostname::sharename syntax to (in the example on that page the rsync share is "site").
So you'd run
rsync -avz hostname::sharename
or similar from the client.You probably want to use hosts.allow to permit only specific IP addresses. If you want username/password logins as well add this to your share definition in rsyncd.conf:
and then create an /etc/rsyncd.secrets
username:password
and then
rsync is client-server program so the client has to connect to something running on the remote server, SSH or rsyncd. VPN is only the transport here, not the service to connect to.
I would suggest to: