openssh-server restricted to rsync 🐳 https://hub.docker.com/r/fphammerle/rsync-sshd
dependabot[bot]
fcf3efa09d
build(deps): bump docker/build-push-action from 2.7.0 to 2.8.0
|
3 years ago | |
|---|---|---|
| .github | 3 years ago | |
| CHANGELOG.md | 4 years ago | |
| Dockerfile | 3 years ago | |
| Makefile | 4 years ago | |
| README.md | 5 years ago | |
| docker-compose.yml | 5 years ago | |
| entrypoint.sh | 6 years ago | |
| openssh-package-log.url | 3 years ago | |
| openssh-release-notes.url | 4 years ago | |
| rsnapshot.conf.example | 6 years ago | |
| rsync-package-log.url | 3 years ago | |
| sshd_config | 6 years ago |
README.md
docker: openssh-server restricted to rsync 🐳
repo: https://github.com/fphammerle/docker-rsync-sshd
docker hub: https://hub.docker.com/r/fphammerle/rsync-sshd
SSH clients are restricted to rsync --server commands via rrsync.
rrsync prefixes /data to all paths (e.g., rsync ... host:/src /backup downloads /data/src).
example 1
$ docker run --name=rsync-sshd -p 2022:22 -e USERS=alice,bob -v rsync-data:/data:ro fphammerle/rsync-sshd
$ docker cp alice-keys rsync-sshd:/home/alice/.ssh/authorized_keys
$ docker cp bob-keys rsync-sshd:/home/bob/.ssh/authorized_keys
example 2
$ docker run --name rsync-sshd \
--publish 2022:22 --env USERS=alice,bob \
--volume accessible-data:/data:ro \
--volume host-keys:/etc/ssh/host_keys \
--volume alice-ssh-config:/home/alice/.ssh:ro \
--volume bob-ssh-config:/home/bob/.ssh:ro \
--init --rm \
fphammerle/rsync-sshd
$ rsync -av --rsh='ssh -p 2022' alice@localhost:/source /target
required capabilities:
- NET_BIND_SERVICE
- SETGID
- SETUID
- SYS_CHROOT