How to Use rsync to Securely Copy Files from One System to Another

Synchronize files and directories with rsync

The rsync command is another way to securely copy files from one system to another. The tool uses an algorithm that minimizes the amount of data copied by synchronizing only the portions of files that have changed. It differs from scp in that if two files or directories are similar between two servers, rsync copies the differences between the file systems on the two servers, while scp would need to copy everything.

One of the advantages of rsync is that it can copy files between a local system and a remote system securely and efficiently. While the initial synchronization of a directory takes about the same time as copying it, any subsequent synchronization only requires the differences to be copied over the network, speeding updates, possibly substantially.

One of the most important options of rsync is the -n option to perform a dry run. A dry run is a simulation of what happens when the command gets executed. The dry run shows the changes rsync would perform when the command is run without the dry run option. You should perform a dry run before performing an rsync operation to ensure no important files get overwritten or deleted.

The two most common options when synchronizing files and directories with rsync are the -v and -a options. The -v or –verbose option provides more detailed output as the synchronization runs. This is useful for troubleshooting and to help see progress. The -a or –archive option enables “archive mode”. This is a quick way to enable recursive copying and turn on a large number of useful options to preserve most characteristics of the files. Archive mode is the same as specifying the following options:

Options Enabled with rsync -a (Archive Mode)

OPTION DESCRIPTION
-r, –recursive synchronize recursively the whole directory tree
-l, –links synchronize symbolic links
-p, –perms preserve permissions
-t, –times preserve time stamps
-g, –group preserve group ownership
-o, –owner preserve the owner of the files
-D, –devices synchronize device file

Archive mode does not preserve hard links, because this can add significant time to the synchronization. If you want to preserve hard links too, add the -H option.

  • -A to preserve ACLs
  • -X to preserve SELinux contexts

You can use rsync to synchronize the contents of a local file or directory with a file or directory on a remote machine, using either machine as the source. You can also synchronize the contents of two local files or directories. For example, to synchronize contents of the /var/log directory to the /tmp directory:

[user@host ~]$ su
Password: password
[root@host ~]# rsync -av /var/log /tmp
receiving incremental file list
log/
log/README
log/boot.log
...output omitted...
log/tuned/tuned.log

sent 11,592,423 bytes  received 779 bytes  23,186,404.00 bytes/sec
total size is 11,586,755  speedup is 1.00
[user@host ~]$ ls /tmp
log  ssh-RLjDdarkKiW1
[user@host ~]$

A trailing slash at the end of the source directory synchronizes the content of a directory without newly creating the subdirectory in the target directory. In this example, the log directory is not created in the /tmp directory. Only the content of the /var/log/ directory is synchronized into the /tmp directory.

[root@host ~]# rsync -av /var/log/ /tmp
sending incremental file list
./
README
boot.log
...output omitted...
tuned/tuned.log

sent 11,592,389 bytes  received 778 bytes  23,186,334.00 bytes/sec
total size is 11,586,755  speedup is 1.00

[root@host ~]# ls /tmp
anaconda                          dnf.rpm.log-20190318
private audit                     dnf.rpm.log-20190324  qemu-ga
boot.log                          dnf.rpm.log-20190331  README
...output omitted...

Just like the scp and sftp commands, for rsync you specify remote locations using the [user@]host:/path format. The remote location can be either the source system or destination system, but one of the two machines has to be local.

In order to preserve file ownership, you need to be root on the destination system. If the destination is remote, authenticate as root. If the destination is local, you must run rsync as root. In this example, synchronize the local /var/log directory to the /tmp directory on the remotehost system:

[root@host ~]# rsync -av /var/log remotehost:/tmp
root@remotehost's password: password
receiving incremental file list
log/
log/README
log/boot.
...output omitted...
sent 9,783 bytes  received 290,576 bytes  85,816.86 bytes/sec
total size is 11,585,690  speedup is 38.57

In the same way, the /var/log remote directory on remotehost can be synchronized to the / tmp local directory on host:

[root@host ~]# rsync -av remotehost:/var/log /tmp
root@remotehost's password: password
receiving incremental file list
log/boot.log
log/dnf.librepo.log
log/dnf.log
...output omitted...
sent 9,783 bytes  received 290,576 bytes  85,816.86 bytes/sec total size is 11,585,690  speedup is 38.57