Secure RSYNC over SSH between two QNAP NAS
-
- Starting out
- Posts: 10
- Joined: Wed Sep 07, 2011 1:55 am
Secure RSYNC over SSH between two QNAP NAS
Hi all,
Since the upgrade to 4.0.1, I have realised it is no longer possible to configure a NAS-to-NAS backup with SSL Encryption enable ("Enable encryption, port xyz" under options menu) under "Remote Replication".
The local client NAS systematically tries to test the direct (unsecure) connection to the RSYNC server using the provided RSYNC port (in my case 873), i.e. without connecting through the (previously configured) SSL tunnel and port. This test fails obviously (as the port 873 isn't open on the remote host), and the local client NAS therefore refuses to save the remote site settings, although those are perfectly correct.
This means that it is with this new firmware NO LONGER POSSIBLE TO SET UP SECURE NAS-TO-NAS BACKUP JOBS!!!
Am I just missing something or do you experience the same problem?
Thanks!
Since the upgrade to 4.0.1, I have realised it is no longer possible to configure a NAS-to-NAS backup with SSL Encryption enable ("Enable encryption, port xyz" under options menu) under "Remote Replication".
The local client NAS systematically tries to test the direct (unsecure) connection to the RSYNC server using the provided RSYNC port (in my case 873), i.e. without connecting through the (previously configured) SSL tunnel and port. This test fails obviously (as the port 873 isn't open on the remote host), and the local client NAS therefore refuses to save the remote site settings, although those are perfectly correct.
This means that it is with this new firmware NO LONGER POSSIBLE TO SET UP SECURE NAS-TO-NAS BACKUP JOBS!!!
Am I just missing something or do you experience the same problem?
Thanks!
Last edited by janglacroix on Fri Apr 25, 2014 2:59 am, edited 1 time in total.
-
- Starting out
- Posts: 10
- Joined: Wed Sep 07, 2011 1:55 am
Re: Secure RSYNC over SSL between two QNAP NAS
Hi all,
I am still experiencing the same problem with 4.0.2 (unability to create a new NAS-to-NAS backup job with SSL encryption enabled due to the required "Remote-Host-Test" being attempted on an unsecured channel), has someone found a work-around for this issue?
Thanks!
I am still experiencing the same problem with 4.0.2 (unability to create a new NAS-to-NAS backup job with SSL encryption enabled due to the required "Remote-Host-Test" being attempted on an unsecured channel), has someone found a work-around for this issue?
Thanks!
-
- Getting the hang of things
- Posts: 75
- Joined: Sun Jan 10, 2010 3:54 am
Re: Secure RSYNC over SSL between two QNAP NAS
It's working on mines. I have mines port forwarding to 443 on both sides.
Sorry, I didn't notice the post date.
Sorry, I didn't notice the post date.
TS-809 Pro, 8 Seagate 4TB ST4000VN000, RAID 5, FW 4.2.2 Build
TS-870 Pro, 8 Seagate 4TB ST4000VN000, RAID 5, FW 4.2.2 Build 20161102
TVS-463, 4 WD 2TB WD2001FFSX, RAID 6, FW 4.2.0 Build 20160311
TS-870 Pro, 8 Seagate 4TB ST4000VN000, RAID 5, FW 4.2.2 Build 20161102
TVS-463, 4 WD 2TB WD2001FFSX, RAID 6, FW 4.2.0 Build 20160311
-
- Starting out
- Posts: 10
- Joined: Wed Sep 07, 2011 1:55 am
Re: Secure RSYNC over SSL between two QNAP NAS
Hi blkdrgn,
Just to make sure we mean the same thing, RSYNC over SSH also works for me once the backup job has been created and saved. The problem is that you are forced to perform a connection test in the first place that can only happen over an insecure (non-SSH) channel (in my case port 873, but could be any other port).
The best way to check this issue is to only open the SSH port (default: 22) on the remote host and block the RSYNC port (default: 873). Port 443 should not play any role here (usually reserved for HTTPS communication).
Thanks!
Just to make sure we mean the same thing, RSYNC over SSH also works for me once the backup job has been created and saved. The problem is that you are forced to perform a connection test in the first place that can only happen over an insecure (non-SSH) channel (in my case port 873, but could be any other port).
The best way to check this issue is to only open the SSH port (default: 22) on the remote host and block the RSYNC port (default: 873). Port 443 should not play any role here (usually reserved for HTTPS communication).
Thanks!
Re: Secure RSYNC over SSL between two QNAP NAS
Could you please clarify what you actually intend to do? you seem to be mixing SSL and SSH so it's not clear what works and what not.
-
- Starting out
- Posts: 10
- Joined: Wed Sep 07, 2011 1:55 am
Re: Secure RSYNC over SSH between two QNAP NAS
Hi reinob,
I've just fixed the title, this is obviously about performing a rsync Backup over a secured SSH connection, in the case of QNAP using the encryption option of the NAS-to-NAS replication job...
Thanks!
I've just fixed the title, this is obviously about performing a rsync Backup over a secured SSH connection, in the case of QNAP using the encryption option of the NAS-to-NAS replication job...
Thanks!
-
- Starting out
- Posts: 17
- Joined: Fri Jun 20, 2008 5:43 pm
Re: Secure RSYNC over SSH between two QNAP NAS
I can confirm that this is indeed an issue with my 239 Pro II. I'm running 4.0.7, and experiencing that setting up a backup job through SSH without access to the open RSYNC port is not possible. I had to enable the RSYNC port, on my old 209, which is placed out of town, and had to port forward RSYNC from the router. This enables open access for everybody, as RSYNC in the old QNAP firmware is without authentication I Guess.
Furthermore, it seems that changes made to an already created backup task are not saved. At least is seemed, but right now I finally got my backup to my old 209 running, so I dare not touch it
/Rasmus
Furthermore, it seems that changes made to an already created backup task are not saved. At least is seemed, but right now I finally got my backup to my old 209 running, so I dare not touch it
/Rasmus
-
- Starting out
- Posts: 14
- Joined: Wed Dec 24, 2014 9:52 pm
Re: Secure RSYNC over SSH between two QNAP NAS
I can confirm the issue with firmware 4.1.2: it is impossible to setup an Secure Rsync-over-SSH job via WebUI
after some investigations I found the root cause, it's simply not supported by wizReq.cgi
The only "check destination" command lines supported so far are native rsync ones (no -e /usr/bin/ssh and only used "::")
After a tweak by setup an rsync job to a local destination using same user/pass and changing afterwards in /etc/config/rsync_schedule.conf related
it turned out that also the /etc/init.d/rsyncRR.sh is still buggy and don't support Rsync-over-SSH, because it uses still "::" also in case of SSH is enabled.
Following diff fixes this situation:
For me it looks like this is Rsync-over-SSH to a standard Linux server is currently totally untested by QNAP
For proper support for Rsync-over-SSH following action is required by QNAP:
- extend wizReq.cgi to have option Rsync-over-SSH already in the initial external connection dialog (including specifying a non-standard port) and not later in the option dialog
- fix rsyncRR.sh (replace "::" by ":" in case of Rsync-over-SSH)
- create proper testcases with a normal Linux system supporting rsync-over-ssh for a particular user to avoid that this feature gets broken again...
after some investigations I found the root cause, it's simply not supported by wizReq.cgi
The only "check destination" command lines supported so far are native rsync ones (no -e /usr/bin/ssh and only used "::")
Code: Select all
# strings /mnt/ext/home/httpd/cgi-bin/wizReq.cgi | grep check-dest
%s --dry-run --check-dest --sever-mode="%d" --port="%d" --timeout=30 --contimeout=30 --password="%s" "%s"@[%s]:: > %s 2>&1
%s --dry-run --check-dest --sever-mode="%d" --port="%d" --timeout=30 --contimeout=30 --password="%s" "%s"@[%s]::"%s" > %s 2>&1
Code: Select all
Remote IP = (real destination)
Remote Path = (real path)
Remote Volume = (empty)
Following diff fixes this situation:
Code: Select all
--- /etc/init.d/rsyncRR.sh.orig 2014-12-24 14:46:43.000000000 +0100
+++ /etc/init.d/rsyncRR.sh 2014-12-24 14:47:21.000000000 +0100
@@ -604,7 +604,7 @@
if [ "x${RR_opt_KBPS}" = "x0" ]; then
RR_options=${RR_options}"--qnap-bwlimit "
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
- /usr/bin/rsync --sever-mode=1 --dry-run -e "${RR_com_ssh}" --qnap-ssh-bwlimit --timeout=${xsTimeout} --password="${Passwd}" "${UserName}"@[${Remote_IP}]::
+ /usr/bin/rsync --sever-mode=1 --dry-run -e "${RR_com_ssh}" --qnap-ssh-bwlimit --timeout=${xsTimeout} --password="${Passwd}" "${UserName}"@[${Remote_IP}]:
if [ "x$?" = "x0" ]; then
RR_options=${RR_options}"--qnap-ssh-bwlimit "
fi
@@ -624,7 +624,7 @@
echo "Debuging mode"
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
modify_known_hosts
- LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
+ LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]:"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
else
LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} --port=${RR_PORT} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
fi
@@ -632,7 +632,7 @@
echo "Normal mode"
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
modify_known_hosts
- LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
+ LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]:"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
else
LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} --port=${RR_PORT} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
fi
For proper support for Rsync-over-SSH following action is required by QNAP:
- extend wizReq.cgi to have option Rsync-over-SSH already in the initial external connection dialog (including specifying a non-standard port) and not later in the option dialog
- fix rsyncRR.sh (replace "::" by ":" in case of Rsync-over-SSH)
- create proper testcases with a normal Linux system supporting rsync-over-ssh for a particular user to avoid that this feature gets broken again...
-
- Starting out
- Posts: 14
- Joined: Wed Dec 24, 2014 9:52 pm
Re: Secure RSYNC over SSH between two QNAP NAS
It turned out that rsyncRR.sh script also won't proper catch "disk quota exceeded" on remote host and also the Update_Status function regarding skipped retries is improvable to avoid misleading status messages. Also a 3rd occurance of "::" in case of use with SSH was detected and removed. In addition, the rsync password in command line is now removed in case of SSH is selected.
BTW: for those who have also troubles with the script, a run in bash -x mode would help...
List of schedules:
# grep "\[Schedule" /etc/config/rsync_schedule.conf
Run one schedule in bash -x mode:
# sh -x /etc/init.d/rsyncRR.sh Schedule0
Diff to 4.1.2 version:
BTW: for those who have also troubles with the script, a run in bash -x mode would help...
List of schedules:
# grep "\[Schedule" /etc/config/rsync_schedule.conf
Run one schedule in bash -x mode:
# sh -x /etc/init.d/rsyncRR.sh Schedule0
Diff to 4.1.2 version:
Code: Select all
# diff -u /etc/init.d/rsyncRR.sh.orig /etc/init.d/rsyncRR.sh.fixed
--- /etc/init.d/rsyncRR.sh.orig 2014-12-24 14:46:43.000000000 +0100
+++ /etc/init.d/rsyncRR.sh.fixed 2014-12-26 11:57:48.000000000 +0100
@@ -15,6 +15,7 @@
ERROR_DESC[48]="Replication job has been terminated by user."
ERROR_DESC[49]="The source folder path does not exist."
ERROR_DESC[50]="The previous scheduled job has not been finished yet."
+ERROR_DESC[257]="Remote host reports disk quota exceeded."
# Check if a string contains the specified prefix
# Is_Prefix_Matched string prefix
@@ -120,6 +121,10 @@
SZLINE=""
while read szLine
do
+ if [ -z "$szLine" ]; then
+ continue
+ fi
+
if [ "1" == $( Is_Error_Pattern_Matched "$szLine" "rsync: mkstemp " " Invalid argument (22)" ) ]; then
continue
fi
@@ -159,6 +164,12 @@
# Parse_Error_Log_File rsync_error_log_file
Parse_Error_Log_File()
{
+ if grep -q "Disk quota exceeded" "$1"; then
+ iError=257
+ echo ERROR_UNEXPECTED
+ return
+ fi
+
SZLINE=""
Get_First_Error_Msg "$1"
@@ -240,11 +251,17 @@
# Update_Status $schedule $szUser $szAddr $szHost $szRetry
Update_Status()
{
+ szRetryMsg=$5
if [ "80" == "$RR_result" ]; then
iError=50
echo "ERROR_JOB_ALREADY_RUNNING"
else
Parse_Error_Log_File "$SZF_ERROR"
+ # Don't retry on the following cases.
+ if [ "$iError" -eq 0 ] || [ "$iError" -eq 43 ] || [ "$iError" -eq 44 ] || [ "$iError" -eq 48 ] || [ "$iError" -eq 49 ] || [ "$iError" -eq 50 ] || [ "$iError" -eq 257 ]; then
+ noRetry=1
+ szRetryMsg=""
+ fi
fi
szName=`/sbin/getcfg "$1" "Name" -f "${RR_CONF}" -d ""`
/sbin/setcfg "$1" "ErrorCode" "$iError" -f "${RR_CONF}"
@@ -289,7 +306,7 @@
else
# /sbin/setcfg "$1" "Status" "7" -f "${RR_CONF}"
SetStatus "$1" "7"
- if [ x"$5" = x ]; then
+ if [ x"$szRetryMsg" = x ]; then
/sbin/log_tool -t 2 -u "$2" -p "$3" -m "$4" -a "[Remote Replication] $szName failed: ${ERROR_DESC[$iError]}"
if [ "1" == "${RR_MODE}" ]; then
/sbin/notice_log_tool -t 3 -y 5 -N "${RR_name}" -S "7" -E "[Remote Replication] $szName failed: ${ERROR_DESC[$iError]}" -g "MSG_RR_006" -j "${RR_name}"
@@ -297,7 +314,7 @@
/sbin/notice_log_tool -t 3 -y 5 -N "${RR_name}" -S "7" -E "[Remote Replication] $szName failed: ${ERROR_DESC[$iError]}" -g "MSG_RR_003" -j "${RR_name}"
fi
else
- /sbin/log_tool -t 1 -u "$2" -p "$3" -m "$4" -a "[Remote Replication] $szName failed: ${ERROR_DESC[$iError]} $5"
+ /sbin/log_tool -t 1 -u "$2" -p "$3" -m "$4" -a "[Remote Replication] $szName failed: ${ERROR_DESC[$iError]} $szRetryMsg"
fi
fi
}
@@ -604,7 +621,7 @@
if [ "x${RR_opt_KBPS}" = "x0" ]; then
RR_options=${RR_options}"--qnap-bwlimit "
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
- /usr/bin/rsync --sever-mode=1 --dry-run -e "${RR_com_ssh}" --qnap-ssh-bwlimit --timeout=${xsTimeout} --password="${Passwd}" "${UserName}"@[${Remote_IP}]::
+ /usr/bin/rsync --sever-mode=1 --dry-run -e "${RR_com_ssh}" --qnap-ssh-bwlimit --timeout=${xsTimeout} "${UserName}"@[${Remote_IP}]:
if [ "x$?" = "x0" ]; then
RR_options=${RR_options}"--qnap-ssh-bwlimit "
fi
@@ -624,7 +641,7 @@
echo "Debuging mode"
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
modify_known_hosts
- LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
+ LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]:"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
else
LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} --port=${RR_PORT} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" -v -v -v 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
fi
@@ -632,7 +649,7 @@
echo "Normal mode"
if [ "x${RR_opt_SSH}" = "xTRUE" ]; then
modify_known_hosts
- LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
+ LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} -e "${RR_com_ssh}" ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --timeout=${xsTimeout} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]:"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
else
LC_ALL=en_US.UTF-8 /usr/bin/rsync -H -a ${RR_EXTAAR} --sever-mode=${RR_MODE} ${RR_options} --exclude=':2eDS_Store' --exclude='.AppleDB/' --exclude='.AppleDesktop/' --exclude='.AppleDouble/' --schedule="$1" --password="${Passwd}" --timeout=${xsTimeout} --port=${RR_PORT} "${RR_local_path}/" "${UserName}"@[${Remote_IP}]::"${RR_remote_path}" 1>${SZF_OUTPUT} 2>"$SZF_ERROR_TMP"
fi
@@ -671,12 +688,13 @@
fi
#report_error
+ noRetry=0
Update_Status "$1" "$szUser" "$szAddr" "$szHost" "$szRetry"
[ -f "${LOG_FILE_NAME}" -a "$DEBUG" = "no" ] && /bin/rm "${LOG_FILE_NAME}"
- # Don't retry on the following cases.
- if [ "$iError" -eq 0 ] || [ "$iError" -eq 43 ] || [ "$iError" -eq 44 ] || [ "$iError" -eq 48 ] || [ "$iError" -eq 49 ] || [ "$iError" -eq 50 ]; then
+ # Don't retry if noRetry was set in function Update_Status
+ if [ "$noRetry" -eq "1" ]; then
break
fi
-
- Starting out
- Posts: 10
- Joined: Wed Sep 07, 2011 1:55 am
Re: Secure RSYNC over SSH between two QNAP NAS
Hi pbqn2014,
Thanks for your investigations and the additional notes on this issue!
Eventually, this only shows to me that the QNAP team is really not serious about security and does not really care about the feedback of their users. This Rsync over SSH issue has now been raised for almost 1,5 years, and no real improvements have been made to date (only cosmetic changes as in 4.1.2).
This makes remote replication over Internet between QNAP NAS completely unsecure and therefore useless for business use, just good enough for backing up non-critical private data...
Thanks for your investigations and the additional notes on this issue!
Eventually, this only shows to me that the QNAP team is really not serious about security and does not really care about the feedback of their users. This Rsync over SSH issue has now been raised for almost 1,5 years, and no real improvements have been made to date (only cosmetic changes as in 4.1.2).
This makes remote replication over Internet between QNAP NAS completely unsecure and therefore useless for business use, just good enough for backing up non-critical private data...
-
- Know my way around
- Posts: 108
- Joined: Sat Nov 21, 2009 5:56 am
Re: Secure RSYNC over SSH between two QNAP NAS
Hi,
I have enabled RSYNC over SSH from a FreeNAS box to QNAP.
It works, but really buggy I think. Because it did not complete the backup on the first scheduled run.
I have ~800GB on the FreeNAS that needs to be backed up on the QNAP. I have it scheduled to backup every day.
Up to now, it has only backed up ~300GB. And it has been running for a week now. Everyday it increases a little bit more.
Is there any way I can debug and see what the issue could be?
I can't seem to find any log files for rsync or ssh.
I have enabled RSYNC over SSH from a FreeNAS box to QNAP.
It works, but really buggy I think. Because it did not complete the backup on the first scheduled run.
I have ~800GB on the FreeNAS that needs to be backed up on the QNAP. I have it scheduled to backup every day.
Up to now, it has only backed up ~300GB. And it has been running for a week now. Everyday it increases a little bit more.
Is there any way I can debug and see what the issue could be?
I can't seem to find any log files for rsync or ssh.
TS-459 Pro+ || TS-419P II
-
- Starting out
- Posts: 17
- Joined: Wed Feb 04, 2015 6:18 am
Re: Secure RSYNC over SSH between two QNAP NAS
pbqn2014 wrote:I can confirm the issue with firmware 4.1.2: it is impossible to setup an Secure Rsync-over-SSH job via WebUI
after some investigations I found the root cause, it's simply not supported by wizReq.cgi
[...]
For me it looks like this is Rsync-over-SSH to a standard Linux server is currently totally untested by QNAP
For proper support for Rsync-over-SSH following action is required by QNAP:
- extend wizReq.cgi to have option Rsync-over-SSH already in the initial external connection dialog (including specifying a non-standard port) and not later in the option dialog
- fix rsyncRR.sh (replace "::" by ":" in case of Rsync-over-SSH)
- create proper testcases with a normal Linux system supporting rsync-over-ssh for a particular user to avoid that this feature gets broken again...
Hi - I'm all new in this forum, and accuired myQnap for only a week ago.. I have run into the same problem as described above - I would like to do a raync-backup to a remote host, that only offers rsync over ssh.
As I'm fairly new to this, I would like to ask - would it be possible to setup a rsync-backup job to a local NAS, and afterwards set It to do rsync over ssh (still to the local NAS) - and finally find the files that holds the definition of this backup and change this definition to the remote host ? Would it be possible to "trick" the backup-station to think that the backup was defined to the remote host?
Regards
Lux550
-
- Starting out
- Posts: 13
- Joined: Sun Dec 21, 2014 7:35 pm
Re: Secure RSYNC over SSH between two QNAP NAS
It looks like this is still NOT working! The files mentioned in http://forum.qnap.com/viewtopic.php?t=78623#p451907 are still nit fixed (QTS 4.1.4 2015-08-04).
Just opened a ticket via Helpdesk...
Just opened a ticket via Helpdesk...
-
- First post
- Posts: 1
- Joined: Sun May 14, 2017 1:22 pm
Re: Secure RSYNC over SSH between two QNAP NAS
Hi "WebCF", Did you ever get any response on your ticket? I also want to do secure rsync over the Internet between a TS-251+ and a TS-431. Any information to get this working will be helpful.
Thanks
Thanks
-
- Starting out
- Posts: 27
- Joined: Fri Feb 05, 2016 5:28 pm
Re: Secure RSYNC over SSH between two QNAP NAS
It only works one way with rsync from the webUI.(Local to Remote)
if you need the other direction better try command line rsync.
if you need the other direction better try command line rsync.