msgbartop
A chronological documentation test project, nothing serious, really!
msgbarbottom

13 Jan 2012 Using Lsyncd to perform “live” syncronization of a local directory to a remote directory

This post is a short HOWTO and describes how you can install and run lsyncd to perform a rsync syncronization from local to a remote server using SSH.
Lsyncd is a daemon to continuously synchronize directory trees and relies on inotify. If you need real live syncronization DRBD might be a better alternative since it is a block level syncronization.

Installing Lsyncd 2.0 from source on CentOS 6
Lsyncd is not included as a package in CentOS 6, so you need to download the source file from http://code.google.com/p/lsyncd/downloads/list.
You should have rsync, GCC and lua-devel installed on your system before you continue installing Lsyncd.

# yum install rsync lua-devel

Unpack the lsyncd source file and run the following commands from the unpacked file

# configure 
# make
# make install

make install copies the compiled files and install them to the right directories in your system.

I need to configure a non password SSH communication between the two servers with a shared SSH key.
On the source server run the following command to generate a SSH key, if you have not done this already.
Remember to do this as the user you are going to perform the sync with.

# ssh-keygen

Secure copy the generated SSH key from the source server to your target server

# scp ~/.ssh/id_rsa.pub root@remoteserver:/tmp

On the target server you need to add the copied SSH key to your existing authorized keys file.
Also remember to do this with the user you are going to connect with from the source server.

# cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys

If you do not have this file, just create it using the touch command described below

# touch ~/.ssh/authorized_keys

Test if you can ssh without a password from your source server to the target server.

I have made a config file, /root/scripts/lsyncd.conf that tells Lsyncd where to put the log- and statusfile. That it should be running as a daemon in the background, and a sync should occur after 900 seconds (15 minutes) if there have not been any filesystem changes and there should not be more than 6 parallell Lsyncd processes.

settings = {
   logfile      = "/tmp/lsyncd.log",
   statusFile   = "/tmp/lsyncd.status",
   nodaemon     = false,
   maxDelays    = 900,
   maxProcesses = 6,
}

sync{default.rsyncssh, source="/path/on/source/", host="hostnam.target.server.tld", targetdir="/path/on/target/"}

To start lsyncd you run the command

# lsyncd /root/scripts/lsyncd.conf

You should now see a Lsyncd process running as a daemon on your system. It performs a sync when you start and then waits for any filesystem changes or sync after 900 seconds.

If you would like Lsyncd to start at boot, just add the following line to the bottom of file /etc/rc.local

lsyncd /root/scripts/lsyncd.conf

You do now have a working secure rsync syncronization between two servers.

What directories you are syncing

# tail -f /tmp/lsyncd.status

What is happening now

# tail -f /tmp/lsyncd.log

Tags: , , , , ,

Posted by

09 Sep 2010 Compare a remote file with a local file using ssh and diff

# ssh user@example.com cat /path/to/remotefile | diff /path/to/localfile -

Tags: ,

Posted by

04 Sep 2008 Secure browsing with Firefox and SOCKS v5

This post describes how you can setup secure web browsing using Firefox3 and by setting up a SSH tunnel from your PC/host to a remote PC/host. Your PC will then act as a local SOCKS proxy and all applications that supports SOCKS5 interface to this port. This is a handy solution if you are on a untrusted net like a wireless connection. The solution can also be used in Thunderbird if you would like.
Note
It is important to note that it’s only the connection between your host and the remote host that is secure. It is also important to note that Firefox will do DNS queries to the untrusted netwoork. This can be fixed by opening the about:config page and change network.proxy.socks_remote_dns to true.

Start a SSH connection to a host that you want to proxy through. Use the -D option to specify a SOCKS5 port on your localhost. The port doesn’t really matter. Just make sure you use the same port in your SOCKS client application.

# ssh -D 3333 username@example.com

In Firefox select “Tools | Options… | Advanced | Network |Settings… button”.

Then select “Manual proxy configuration”. All you need to fill out is “SOCKS Host: Localhost”, “Port: 3333”, then select “SOCKS v5”.

Type in “localhost” in the SOCKS host field and press the OK button.

You are now ready to surf using Firefox3 and SOCKS5 througt a SSH tunnel.

Configure a secure tunnel using Putty

You can also use Putty if you are a Windows user. The configuration is then as follows:

Tags: , , ,

Posted by

29 May 2008 Fix slow SSH login

Add the following line if your SSH login takes a long time on your SSH server.

File /etc/ssh/sshd_config:

UseDNS no

Restart the SSH daemon to activate this change.

Tags:

Posted by

20 Feb 2008 Mounting remote filesystems using SSH and Debian

This post describes how to mount a remote filesystem through SSH using the shfs kernel module on a Debian Etch server. By doing this I can access the remote filesystem as if it was a local filesystem and also use my local tools and software.
This is a short description of how I made a remote filesystem accessible on my private server.

Download the needed software

# apt-get install shfs-source shfs-utils module-assistant

This step might not be needed on your system, but I didn’t have the needed software to build the kernel module

# module-assistant prepare

Use the module assistant to build the kernel module to match your local system (I use a 2.6 kernel but this whould work on a 2.4 kernel also)

module-assistant build shfs

Now you can install it

# module-assistant install shfs
Selecting previously deselected package shfs-module-2.6.18-5-686.
(Reading database ... 78212 files and directories currently installed.)
Unpacking shfs-module-2.6.18-5-686 (from .../shfs-module-2.6.18-5-686_0.35-6.2+2.6.18.dfsg.1-17_i386.deb) ...
Setting up shfs-module-2.6.18-5-686 (0.35-6.2+2.6.18.dfsg.1-17) ...

You might see some error messages but those are mostly harmless :) and can be ignored.
Now we can try to mount the remote filesystem

# mkdir /export/remotefs
# shfsmount user@remotesystem.com /export/remotefs
Password:

The remote filesystem should now be available after typing your password.

# cd /export/remotefs
# ls

You will now see all your files in the remote filesystem as if they were on your local machine.
To unmount your filesystem

# cd /
# umount /export/remotefs

This post could have been extended to use passwordless

Tags: , , ,

Posted by