----------------------------------------- backup with rsync #!/bin/sh LIST="rootfs usr data data2" for d in $LIST; do mount /backup/$d rsync -ax --exclude fstab --delete /$d/ /backup/$d/ umount /backup/$d done DAY=`date "+%A"` rsync -a --delete /usr/local/apache /data2/backups/$DAY rsync -a --delete /data/solid /data2/backups/$DAY ----------------------------------------- rsync #!/bin/sh rsync -avz www:/home/raffi/xfer/* /home/raffi/xfer rsync -avz www:/home/httpd/cgi-bin/* home/httpd/html/cgi-bin rsync -e ssh -av rafael@www:/home/rafael/xfer/* xfer rsync -e ssh -av raffi@www:/home/raffi/xfer/* xfer ----------------------------------------- mirror server rsync -avz -e ssh someuser@server1.example.com:/var/www/ /var/www/ mkdir /root/rsync ssh-keygen -t dsa -b 2048 -f /root/rsync/mirror-rsync-key Now we want to allow connections only from mirror.example.com, and the connecting user should be allowed to use only rsync, so we add command="/home/someuser/rsync/checkrsync",from="mirror.example.com",no-port-forwarding,no-X11-forwarding,no-pty right at the beginning of /home/someuser/.ssh/authorized_keys ----------------------------------------- check script /home/someuser/rsync/checkrsync #!/bin/sh case "$SSH_ORIGINAL_COMMAND" in *\&*) echo "Rejected" ;; *\(*) echo "Rejected" ;; *\{*) echo "Rejected" ;; *\;*) echo "Rejected" ;; *\<*) echo "Rejected" ;; *\`*) echo "Rejected" ;; rsync\ --server*) $SSH_ORIGINAL_COMMAND ;; *) echo "Rejected" ;; esac As root rsync -avz --delete --exclude=**/stats --exclude=**/error --exclude=**/files/pictures -e "ssh -i /root/rsync/mirror-rsync-key" someuser@server1.example.com:/var/www/ /var/www/ ------------------- Note -exclude-from="/path/to/file" /backup/ /bin/ /dev/ /initrd/ --delete-excluded ------------------- cron job */5 * * * * /usr/bin/rsync -azq --delete --exclude=**/stats --exclude=**/error --exclude=**/files/pictures -e "ssh -i /root/rsync/mi rror-rsync-key" someuser@server1.example.com:/var/www/ /var/www/ ----- rsync -avz --delete -e ssh raffi@krpan:~/somedir/ somedir