Specify identity file (id_rsa) with rsync

I need to make periodic backups of a directory on a remote server which is a virtual machine hosted by a research organisation. They mandate that access to VMs is through ssh keys, which is all good, except that I can’t figure out how to point rsync to the ssh key for this server.

Rsync has no problem if the key file is ~/.ssh/id_rsa, but when it is something else I get Permission denied (publickey).

With ssh I can specify the identity file with -i, but rsync appears to have no such option.

I have also tried temporarily moving the key on the local machine to ~/.ssh/id_rsa, but that similarly does not work.


Can you specify an identity file with rsync?

Asked By: Jangari


You can specify the exact ssh command via the ‘-e’ option:

rsync -Pav -e "ssh -i $HOME/.ssh/somekey" username@hostname:/from/dir/ /to/dir/

Many ssh users are unfamiliar with their ~/.ssh/config file. You can specify default settings per host via the config file.

Host hostname
    User username
    IdentityFile ~/.ssh/somekey

In the long run it is best to learn the ~/.ssh/config file.

Answered By: Dan Garthwaite

This can be done with SSH user config see:
basically edit ~/.ssh/config:

$ nano ~/.ssh/config
#Add Hosts below 
Host server1
HostName examplehost.com
User username
Port 22
IdentityFile /path/to/key

$ rsync -e ssh /home/user/directory user@remote.host.net:home/user/directory/

This should work for any program using SSH, rsync,

Answered By: Cbaker510


1) The public key is always in the home directory of the user logging in to remote server i.e. if you login as “backup” it is located at /home/backup/.ssh/authorized_keys. User ID when you login defines the public key used at the destination.

You can choose the user ID when making connection by two different ways:

ssh user_id@destination.server
ssh -l user_id  destination_server     (<-- that is lower case "L")

On the other hand at your end the private key is in a similar way in homedir of user unless you override it like described in Dan’s answer.

2) For backup purpose it may be desirable to create a restricted key which is limited to run just one command like “rsync”. There is a good description about that related to “rsnapshot” backup which allows you to remote backup entire server using non privileged user account and “sudo”:

“rsnapshot” howto

Rsnapshot can easily backup a bunch of remote or local servers making it handy scheduled & centralised backup server.

Answered By: ajaaskel

For me it was sufficient to start the ssh-agent as follows:

eval `ssh-agent -s`
ssh-add /path/to/mykey

See also a longer answer here https://stackoverflow.com/questions/17846529/could-not-open-a-connection-to-your-authentication-agent

Answered By: pietro
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.