How can I secure connections between linux/unix rsync clients and cwRsync servers ?

Assuming that you want to synchronize from directory /home/user on *nix machine to directory c:\backup on Windows machine :

On Windows:

  • Install Copssh and cwRsync server. Use the same service account.
  • Start RsyncServer and OpenSSHD services
  • Activate a user and create a PKA key pair via Copssh control panel:

Create a PKA key pair with empty passphrase via Copssh Control Panel


  • Transfer user's private key file to Linux client.
  • Make sure that the user and the service account has write access to c:\backup
  • Add a new module to rsyncd.conf :

path = /cygdrive/c/backup
read only = false
transfer logging = yes

On Linux:

  • Use shell script below after having it updated according to your needs:
# Secure Channel Wrapper for connection to cwRsync servers from Linux/Unix clients
# v1.0 - Initial version, Sep 2005, Tevfik K.,

# Customize variables below according to your needs

# identity: private key file for user winuser

# localport: local port for forwarding

# remoteport: termination port (this should be the port rsync daemon listens to)

# remotehost: cwRsync Server name/ip-adress

# your rsync module at server side

# Function to terminate secure tunnel processes
TerminateTunnel ()
ps ax | grep "ssh -i $identity -L $localport" | awk '{print $1}' | xargs -i kill {} 2&>/dev/null

# Clean up ... terminate zombie tunnels

echo Establishing secure channel ...
ssh -i $identity -L $localport:$remoteport winuser@$remotehost -T -N -f

# your rsync command, you can edit:
# - rsync options (-av)
# - source files (temp/)
# - exchange source and destination
# - and more :-) Try and tell me!
rsync -vrt /home/user/ rsync://winuser@localhost:$localport/$rsyncmodule

echo Terminating secure channel ...

NB! You must forward ssh port 22 to Windows machine at the edge of your secure network (your router/firewall). I recommend strongly to tighten security further by using options available in rsync and openssh (host limitations, secrets file ...).