Rsync from a FreeBSD Server to a FreeBSD Shell Account

rsync logo


Recently, a need to utilize rsync to synchronize  various FreeBSD configuration files to a FreeBSD shell account at our BSD-based hosting services company necessitated this post to document the basic setup and configuration.

Rsync is normally used to synchronize files and directories between two systems.  In our setup, key-based authentication is utilized instead of using passwords.  Additionally, crontab setup for continuous synchronization is demonstrated.



Root access to a FreeBSD Server to act as the client and a FreeBSD shell account to act as the repository of file synchronization are required.  A FreeBSD shell account is simply a user account on a remote FreeBSD Server which give access to a shell via SSH.  Additionally, the FreeBSD Server requires rsync installed and configured as a client.


SSH Client Login:

On the FreeBSD Server, login as root via the console:
FreeBSD/amd64 ( (ttyv0)

login: root


root@bsd220:~ #
Next, from the FreeBSD Server root console, SSH into the FreeBSD shell account, in our case [shelluser@]:
root@bsd220:~ # ssh shelluser@
Password for shelluser@


[shelluser@backup ~]$


Installing Rsync as a Client:

Use pkg to install rsync on the FreeBSD server:

The FreeBSD server will act as the client to the FreeBSD shell account machine, therefore, rsync installation is required. No configuration is necessary since it will be utilized as a client.

root@bsd220:/ # pkg install rsync
Updating poudriere repository catalogue...
poudriere repository is up-to-date.
All repositories are up-to-date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
 rsync: 3.1.2_6
 libiconv: 1.14_10

Number of packages to be installed: 2

The process will require 3 MiB more space.
881 KiB to be downloaded.

Proceed with this action? [y/N]: y
Fetching rsync-3.1.2_6.txz: 100% 288 KiB 294.5kB/s 00:01 
Fetching libiconv-1.14_10.txz: 100% 594 KiB 607.9kB/s 00:01 
Checking integrity... done (0 conflicting)
[1/2] Installing libiconv-1.14_10...
[1/2] Extracting libiconv-1.14_10: 100%
[2/2] Installing rsync-3.1.2_6...
[2/2] Extracting rsync-3.1.2_6: 100%
root@bsd220:/ #


Generate RSA Authentication Keys:

The first operation is to generate the key on the client machine, your FreeBSD Server, by running the following command:

When you see ‘Enter passphrase (empty for not passphrase):’ Just hit the enter key then the confirmation ‘Enter same passphrase again:’ is displayed.  Again, just hit the enter key.  In short order, the output from the command should give you an similar output as shown below:

# ssh-keygen -t rsa -b 4096 -C ""

Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase. 
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/
The key fingerprint is:
The key's random art image is:
+---[RSA 4096]----+
|                 |
|                 |
|                 |
|        . o..    |
|       .S*+*o    |
|      . O=Oo . . |
|       = Oo= oo..|
|      .oB.* +.oo.|
|       =OE**.o..=|
Additional information about the above command:
  • ‘ssh-keygen -t rsa’ invokes the ssh-keygen utility to create an rsa protocol version 2 authentication key.
  • ‘-b 4096’ specifies the number of bits in the key to create.  2048 is general considered sufficient, but 4096 bits provides additional security.
  • ‘-C “”‘  provides a comment making key identification easier.
  • No passphrase is utilized.
  • Keys are stored in root’s .ssh directory
  • For additional information, please review the man page for ssh-keygen.


SCP Authentication Keys:

Next, use scp to securely copy the file .ssh/ from the FreeBSD Server to the FreeBSD shell account machine.
# scp .ssh/ shelluser@
After the scp command is issued the following output is observed:                           100%  740     0.7KB/s   00:00
Additional information about the above commands:
  • Private key is stored in ~/.ssh/id_rsa on the FreeBSD Server
  • Public key is stored in ~/.ssh/ on the FreeBSD Server
  • The public key must be copied from the FreeBSD Server to ~/.ssh/authorized_keys file on the remote machine, the FreeBSD shell account, for key-based authentication to work.


Verify Key-Based Authentication

To determine if the key works,  from the FreeBSD Server root console, SSH into the FreeBSD shell account, in our case, [shelluser@] and verify login occurs without a password prompt.


root@bsd220:~ # ssh shelluser@


[shelluser@backup ~]$



Initiating the rsync command everyday at 0900 and syncing the local user download folder from the FreeBSD Server to the remote shell account, add the following to crontab -e.
# Backup every day - /usr/home/user/download
00 09 * * * /usr/local/bin/rsync -avz --delete /usr/home/user/download -e ssh shelluser@ >> /dev/null 2>&1
Additional information about the above command:
  • 00 and 09 represent the minute and hour respectively.
  • -avz represents archive, verbose, and compression respectively.
  • –delete deletes extraneous files from the destination directory.
  • -e specifies the remote shell to use – ssh
  • /dev/null 2>&1 keeps crontab quiet



Rsync is a powerful utility when combined with SSH.  Key-Based Authentication aids in the management of rsync so passwords are not required.  With crontab, a schedule of synchronization of files between two machines is possible and pragmatically a necessity.



FreeBSD man pages:  man ssh-keygen, man ssh, man crontab

Rsync Home Page:

Leave a Reply

Your email address will not be published. Required fields are marked *