Categories
Linux

Rsync and encrypted SSH keys

Unfortunately rsync does not cooperate with $SSH_ASKPASS the way scp and ssh do.

Meanwhile, using scp is painful on slow connections where files are being updated, because scp copies every file in full. Pushing an update of one program to 4 servers (including one in China, behind the GFW) was taking ~20 minutes with scp. With rsync, which only sends the deltas of the binary, it happens in under 15 seconds.

So rsync is totally worth using.

Let's say that this is the rsync job that I want to run:

rsync --chown app:app -e 'ssh -p 2222' \
  --progress ./my-app \
    app@MYSERVER:/home/app

All you need to do is add -v to the ssh command that rsync invokes, and then grep for the "Sending command" line, which is the exact command rsync asks the remote shell to run:

rsync --chown app:app -e 'ssh -v -p 2222' \
  --progress ./my-app \
  app@MYSERVER:/home/app 2>&1 \
  | grep 'Sending command'

Enter passphrase for key '/home/me/.ssh/id': 
debug1: Sending command: rsync --server -oge.LsfxCIvu --log-format=X --usermap=\\*:app --groupmap=\\*:app . /home/app

That rsync --server command line, copied verbatim from your own debug output, is EXACTLY and only what we'll let this key run, by putting it in command="..." in ~/.ssh/authorized_keys on the server. We'll also append these restrictions:

no-pty,no-agent-forwarding,no-port-forwarding

(On OpenSSH 7.2 and later the single option restrict turns on all of these plus no-X11-forwarding and no-user-rc.) Two caveats. The --server option string (-oge.LsfxCIvu here) encodes the client's rsync flags and protocol capabilities, so changing any rsync option or upgrading rsync on the client can change it; regenerate the entry whenever that happens, or the forced command will no longer match what the client expects. And a forced command limits which command runs, not what the client sends: whoever holds the key can still write whatever they like under /home/app.

So generate a new ssh key that we'll use just for rsyncing these files. It has no passphrase on purpose, so nothing prompts; the command= restriction is what limits the damage if it leaks:

ssh-keygen -f rsync_key -t ed25519 -q -N ""

Then, on your server, add the contents of rsync_key.pub to the app user's ~/.ssh/authorized_keys (/home/app/.ssh/authorized_keys), but prefixed with a command= option holding that exact rsync --server command plus the restriction options, so the key can run nothing else:

command="rsync --server -oge.LsfxCIvu \
--log-format=X --usermap=\\*:app \
--groupmap=\\*:app . /home/app",\
no-pty,no-agent-forwarding,no-port-forwarding \
ssh-ed25519 AAAACFAKE_KEY_GENERATED_ONLY_FOR_TESTBOk7MpJi9jXfs+4lEOvpQFAKE_RSYNC \
me@myhostname

Note that an authorized_keys entry must be on ONE LINE, and the options must be comma-separated with no spaces between them (sshd allows spaces only inside the double quotes of command="..."; a bare space ends the options field and the rest of the line is then misread as the key), so when you actually paste it in, it will look like:

command="rsync --server -oge.LsfxCIvu --log-format=X --usermap=\\*:app --groupmap=\\*:app . /home/app",no-pty,no-agent-forwarding,no-port-forwarding ssh-ed25519 AAAACFAKE_KEY_GENERATED_ONLY_FOR_TESTBOk7MpJi9jXfs+4lEOvpQFAKE_RSYNC me@myhostname
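As an added example (not code from the original post), here is a small POSIX sh script that does the copy-and-paste step mechanically: it pulls the "Sending command" line out of captured `ssh -v` output and emits the one-line authorized_keys entry, refusing input that would break the line (a double quote inside the command, or a space in the option list). The captured debug text and the ssh-ed25519 key inside it are constructed placeholders, not real output or a real key, and the function and file names are my own.

```shell
#!/bin/sh
# Added example, not from the original post: build a command=-restricted
# authorized_keys entry from the "Sending command" line that `ssh -v` prints.

# Write a constructed sample of the stderr from `rsync -e 'ssh -v ...'`
# (placeholder text, not a real capture).  $1: path to write to
write_sample_debug() {
    cat > "$1" <<'EOF'
debug1: Authenticating to MYSERVER:2222 as 'app'
Enter passphrase for key '/home/me/.ssh/id':
debug1: Sending command: rsync --server -oge.LsfxCIvu --log-format=X --usermap=\\*:app --groupmap=\\*:app . /home/app
debug1: Sending environment.
EOF
}

# Print the remote command ssh sent, taken verbatim from the first
# "Sending command" line in the captured output.  $1: captured stderr file
extract_server_cmd() {
    sed -n 's/^debug1: Sending command: //p' "$1" | head -n 1
}

# Print the one-line authorized_keys entry.
#   $1: server command, $2: public key line (one line of rsync_key.pub),
#   $3: comma-separated restriction options.
# A double quote inside the command would end the command="..." field early,
# and a space in the option list would end the options field, so both are
# refused rather than written out as a silently broken line.
build_authorized_key() {
    cmd=$1; pubkey=$2; opts=$3
    case $cmd in
        *'"'*) echo "refusing: command contains a double quote" >&2; return 1 ;;
    esac
    case $opts in
        *' '*) echo "refusing: options must not contain spaces" >&2; return 1 ;;
    esac
    printf 'command="%s",%s %s\n' "$cmd" "$opts" "$pubkey"
}

# Full run on the constructed sample; prints the line to paste on the server.
demo() {
    tmp=$(mktemp)
    write_sample_debug "$tmp"
    cmd=$(extract_server_cmd "$tmp")
    rm -f "$tmp"
    build_authorized_key "$cmd" \
        "ssh-ed25519 AAAACFAKE_KEY_GENERATED_ONLY_FOR_TEST me@myhostname" \
        "no-pty,no-agent-forwarding,no-port-forwarding"
}

demo
```

In real use, capture the debug output with `rsync ... -e 'ssh -v -p 2222' ... 2>debug.log`, run `extract_server_cmd debug.log`, pass the result together with `$(cat rsync_key.pub)` and your option list to `build_authorized_key`, and append the printed line to /home/app/.ssh/authorized_keys on the server. Then run the original job with `-e 'ssh -i rsync_key -p 2222'` so ssh offers the restricted key; if the "Sending command" line in your own debug output ever changes, regenerate the entry.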