-1

I want to offer a backup storage service for some of my friends. I have a QNAP nas and want to make it accessable across the internet so my friends can backup their files on it.

I think rsync is the best protocol for this. But I want to know how to make it secure. I can start the rsync server and configure my router to forward the port, but then the data goes across the net unencrypted. I can use ssh instead. But how do I set things up so that they cannot login to the machine, or at least, not be able to see the files that others have stored on there? I basically want to sandbox them.

I've been searching the net a lot and have found plenty of information about setting up your personal rsync server to backup your personal stuff. But I have not been able to find anything about the usecase I described above.

Pascal Rottier
  • 69
  • 2
  • 7

1 Answers1

0

You don't need to set up an rsync server (rsyncd) - you can just use ssh (which is used by default for rsync) and rsync will be taken care of automatically. Create an account on your server for each user and then they can just backup as as, e.g.

$ rsync -av /path/to/local/files username@your_server:path/to/backups/

So all you need to do other than creating user accounts is to open port 22 for incoming ssh traffic.

Paul R
  • 208,748
  • 37
  • 389
  • 560
  • But once they have a username/password, they can also use ssh to log into the machine, start commands and go into other directories. How do I prevent that? – Pascal Rottier Mar 28 '14 at 11:19
  • So long as you have permissions set up correctly then they won't be able to do any harm, even if they did decide to log in and run some commands. However it's probably easy enough to limit their access, but this question is more the scope of http://superuser.com or http://serverfault.com, since it's not a programming question. – Paul R Mar 28 '14 at 11:39
  • Paul, you are absolutely right. I did post this in the wrong domain. – Pascal Rottier Mar 28 '14 at 12:15