@João Cardoso, thank you again for the help and the sshd idea.
I want to put some summary here for those people who wants to SSH from ALT-F linux to Windows machine and wants to initiate rsync not on Windows but on Linux side.
(in archiving problems the windows ->linux direction seems more frequent than linux ->windows as I found during googleing however linux->windows direction is more safe I think)
I hope I do not skip any important step.
==================== ( ALT-F Linux => ssh => Windows - and rsync via ssh connection ) ===================================
To-do on Windows:
- install opensshd on windows
- check that both of openssh services are up and running (I missed 1st this and spent some hours to set up different keys/different users for nothing)
- public/private user key pair is needed for passwordless ssh. As on ALT-F I could not create RSA keys (there is no ssh-keygen)
I have run it on windows (with current user, not with "nasuser"). The the generated files are id_rsa and id_rsa.pub
a) both of them should be moved to the NAS into /home/nasuser/.ssh dir
b) public key is need to be placed on windows machine in /users/nasuser/.shh dir (or where is the %userprofile% of nasuser)
but not as is its content need to be added to authorized_keys file there. If there is no such a file just rename
id_rsa.pub to authorized_keys
- install cygwin on windows machine and install rsync package in it
-it is needed because when NAS connects via ssh to windows box , rsync will run on windows machine (at least it is missing if not installed)
-and if the directory to be archived is not on C: drive you can use cygwin's drive path.
for example if windows path is like e:\Docs then rsync will reach it by this path: /cygdrive/e/Docs
To-do on NAS:
-check SSH connection with password (windows user's pw) 1st (my windows pc's local IP addr is 192.168.1.2)
if connection is not working, it is probably an access problem. Create a windows firewall rule ( type in searchbar: "firewall" and open windows defender firewall and set "Allow and app or feature" or a special rule: TCP inbound port 22)
- so if ssh with password is working, this is the moment when we can try passwordless operation (it needs a pubic/private RSA key pair and public part should be placed on remote machine's authorized_keys file,
but a caveat is here that on ALT-F there is no openssh but SSH is realized by dropbear instead. It is the reason that key generation was easier on windows for me as I've written it in an earlier line)
another problem is that dropbpear has an own format for keys so we need to convert id_rsa to dropbear format this way:
dropbearconvert openssh dropbear /home/nasuser/.ssh/id_rsa /home/nasuser/.ssh/id_dropbear
after that ssh should work in passwordless mode:
- if all above is done then the last step is to start rsync:
rsync -avh --rsh="ssh -i /home/nasuser/.ssh/id_dropbear" nas...@192.168.1.2:/cygdrive/e/Docs /mnt/md0/arch/Docs --fuzzy --delay-updates --delete-delay
DONE.....
(--fuzzy --delay-updates --delete-delay : I found it on web as a recommended setting combo to handle renamed files, deletions well
at this moment it ok gor me as well)
-----------------------------------------------------------------------------------------
I've created a script around this final rsync command with this functionality:
- comparing a honeypot doc file with a stored copy of it to prevent overwriting previously archived files with
encrypted / infected files in case of ransomware/virus infection on the windows machine.
If the honeypot doc is changed, rsync is not started but a warning email is sent to me
and a warning message is put in the archived directory with a file (warning is in the file name) to warn me if I did not see the mail yet.
- every run places a file in the archived directory (on windows machine) with timestamp in its name to know when the archiving run last time.