This is the mail archive of the
mailing list for the Cygwin project.
Re: Rsync over SSH not working when ZoneAlarm installed
Larry Hall (Cygwin <reply-to-list-only-lh <at> cygwin.com> writes:
> Zarko Roganovic wrote:
> > Larry Hall (Cygwin <reply-to-list-only-lh <at> cygwin.com> writes:
> >>Zarko Roganovic wrote:
> >>>I'm trying to backup a directory from a Win 2K machine to a Linux server
> > with
> >>>cmd below.
> >>>rsync -rvc -e "ssh -l testusr" /cygdrive/c/testdir
> >>>When I uninstall ZoneAlarm(6.1.737) this same command works fine.
> >>>It doesn't help if I shutdown ZoneAlarm, I have to uninstall it. This is a
> > test
> >>>machine and I'm willing to run ANY tests that you might suggest. I've
> > included
> >>>the cygcheck output with ZoneAlarm installed and when it wasn't.
> >>We actually ask for *attachments* of cygcheck output, not inclusions.
> >>>I really need this to work and I would appreciate any help.
> >>This sounds like a firewall configuration problem rather than a Cygwin
> >>software problem. Didn't ZoneAlarm query you when you first tried the
> >>rsync? I thought that was it's modus operandi. In any case, you need
> >>to open port 873 for rsync to run at least. You can check the man page
> >>for more info.
> > Hi,
> > I apologize about pasting the cygcheck output instead of attaching it.
> > ZoneAlarm did ask if I'd like to let rsync access the internet and I did
> > say to allow it. However it never asks it ssh.exe should be allowed to
> > access the net. Lastly I don't think the port is the problem because
> > even when I shut down ZoneAlarm I get the same result.
> That turns out not to be significant. Many firewalls install "stuff" in
> the TCP stack so turning them off does not necessarily get you to the
> same state as uninstalling, as you already determined for yourself. In
> other words, ZoneAlarm is getting in your way whether you're running it
> or not. You need to get ZoneAlarm configured to allow these applications
> to run. Effectively, that means opening ports the apps use. ZoneAlarm
> probably didn't ask about 'ssh' because it couldn't "see" it buried within
> > I have been
> > able to use rsync just by itself to sync with a rsync server with
> > ZoneAlarm still running.
> Well, if you can use 'rsync' with ZoneAlarm after telling it to permit
> 'rsync' access then you should find you have luck when you do the same
> for 'ssh'. Try running 'ssh -l testusr 192.168.1.2' and see what
> ZoneAlarm has to say. I bet that will trip it and you'll find you
> can get access with both 'ssh' and 'rsync', separately or together.
> If not, you'll need to configure port 22 to be open for 'ssh'.
> I feel compelled to point out that this is really a firewall configuration
> issue and as such, it's really not on-topic for this list. If the above
> information isn't enough to get this problem resolved to your satisfaction,
> you should really look for some specific help with configuring ZoneAlarm.
> Much discussion of ZoneAlarm's workings isn't really appropriate here.
I don't believe that this is a case of me not knowing how to configure
the firewall, and this is why.
I set my linux box to act as an rsync server. I than ran the command below
from the cygwin computer with ZoneAlarm still running
rsync -rvc /cygdrive/c/testdir rsync://email@example.com::/testusr
It asked me for the password and than finished the sync as it should
When I tried accessing the Linux box from cygwin while ZoneAlarm is running
with the following command
ssh -l testusr 192.168.1.2
it asked me to accept the RSA fingerprint and logged me in
When I set ZoneAlarm to block rsync.exe from accessing the internet I got
the following error
rsync: failed to connect to 192.168.1.2: Connection refused (111)
rsync error: error in socket IO (code 10) at /home/lapo/packaging/tmp/rsync-
Without touching the permissions in ZoneAlarm I shut it down and ran rsync
again. It went through just fine.
As far as I know (99% sure) when rsync is pushing the changes to the Linux
server it doesnât need to listen to any ports, thatâs for the Linux server
to do. Likewise, to use SSH, only the server (Linux box) youâre connecting
to has to open port 22. If I'm able to use both services separately they
should work together also. Please point out if there are any holes in my
Again I appreciate all your help
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html