Synology Rsync Issue

Linux OS’es come with this very useful utility: rsync. Sync Synology is an app built on top of a modified Linux base. In fact, the OS is known as IIRC, a very heavily modified Debian fork that uses Upstart instead of sysvinit or systemd. The upside is that its attack surface area is smaller; hence, Synology is less likely to be compromised than more popular distributions such as Redhat or Ubuntu.

Here’s how to turn on Rsync:

Login to the Synology UI > Control Panel > File Services > rsync > select ‘Enable  rsync service’, ‘Enable rsync account’, and ‘Edit rsync Account’ > Apply

By default the ssh version on Synology is rather ancient, hence attempts to rsync from a remote host would yields these errors:

test@testlinux:/# rsync -azrW --delete /export test@192.168.1.66:/volumeUSB1/usbshare/
Unable to negotiate with 192.168.1.66 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(235) [sender=3.1.3]

Resolution to this issue is to enable stronger ciphers on Synology:

Login to Synology UI > Control Panel > Terminal & SNMP > put a check mark next to ‘Enable SSH service’ > click on Advanced Settings > select ‘High’ security level > Apply > Apply

test@testlinux:/# rsync -azrW --delete /export test@192.168.1.66:/volumeUSB1/usbshare/
The authenticity of host '192.168.1.66 (192.168.1.66)' can't be established.
ECDSA key fingerprint is SHA256:B4RRMtN8J5UWjSomething.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.66' (ECDSA) to the list of known hosts.
test@192.168.1.66's password:
... output truncated for brevity ...

Some Rsync Examples:

# Rsync practical usage from local to local
rsync -azrW --delete /export /backup # preserve time stamp, compressive, recursive, transfer whole files (to bypass checksums), delete new files at destination

# Rsync from local to remote
rsync -azrW --delete /export user@remoteserver:/remote/path
Posted on Categories Linux

Leave a Reply

Your email address will not be published. Required fields are marked *