Data synchronization over the Internet with Unison
In Sync
Unison and SSH help you sync your directories across multiple computers.
Not everyone is lucky enough to get through life with a single IT device for everything. Many Linux users have a distributed IT infrastructure, with a PC at home, another PC at work, and a laptop for the road.
In such a constellation, you always want to be able to access the current version of all files, regardless of which device you are currently using.
A typical solution to this dilemma is to take a working copy of all the relevant files with you, for example, on a USB stick. But if you don't pay meticulous attention, you could end up with several diverging versions of a file, none of which contains all the changes.
Only centralized data storage on a network drive in the cloud can help. However, the access speed and thus also your efficiency can suffer enormously. In addition, the client must be able to reach the server on the Internet at all times, which is often a problem when commuting or traveling.
For a really practicable solution to the problem, you need three components to work together: centralized data storage that is accessible on the Internet, local working copies of this pool on all devices, and a simple – preferably fully automated – method for synchronizing via a server and clients. Unison [1] is a popular open source tool that can handle the synchronization duties. This article shows how you can combine Unison with the OpenSSH secure shell [2] to connect your local systems to the cloud and synchronize your files (Figure 1).
Setting Up SSH
SSH provides the basis for authenticating the client to the server and for transporting the data over the Internet with protection from unauthorized access.
See the project website for more on setting up OpenSSH [2]. On the server, the SSH service must listen on a defined port (typically port 22). If the server is behind a firewall or a router, you will need to forward the port.
Each client must have a secret key and its public counterpart. A typical scenario is to use an RSA key pair consisting of two files: ~/.ssh/id_rsa
and ~/.ssh/id_rsa.pub
. If these keys are missing, or if you have forgotten the secret key's passphrase, you can generate a new key pair with ssh-keygen
. To create a new passphrase, simply call ssh-keygen -p
. You'll need to communicate each client's public key to the server. For example, if the server is located in the mycloud.com
domain, you could enter:
$ $ ssh-copy-id client_name@server_name.mycloud.com
The key ends up in the ~/.ssh/authorized_keys
file on the server. From now on, the way to connect from the client to the server is to enter the local secret key's passphrase; you won't have to rely on the remote server password.
To enter this passphrase only once per session on the client, use ssh-agents
; this command launches automatically at login time on many current desktop systems. If you pass in the secret key unlocked by passphrase via ssh-add
, then no further typing of the passphrase is required for each subsequent SSH connection during this session. You will therefore also want to run ssh-add
at login by adding it to an autostart script.
Desktops typically use the graphical ssh-askpass
dialog to query the passphrase. Some desktops, such as KDE Plasma, use their own implementation (for Plasma: ksshaskpass
), which allows them to store the passphrase in the integrated password safe for further sessions after entering it. This step eliminates the need to re-enter the passphrase in the future.
The commands for installing OpenSSH on the server and the corresponding client on desktops and notebooks appear in Listing 1.
Listing 1
Installing OpenSSH
Setting Up Unison
For Unison to work properly, all the systems involved in replication – all the clients and the central server – must use the same software version. Both Unison's User Manual and Reference Guide refer explicitly to the fact that the data format of the archives can change between releases. Therefore it is recommended to generate Unison directly from the source code in order to be able to mix different distributions and their generations more easily in the working environment. This article uses the currently recommended stable Unison v2.48.4 [3].
To build Unison, you need GNU Make, the OCaml compiler, and some libraries. To install them on Debian and its offshoots including all necessary dependencies, use the command from line 1 of Listing 2. Then change to the home directory, download the Unison source code, unpack it, and change to the newly created source directory (lines 2 to 5).
Listing 2
Building Unison
Essentially, Unison consists of three executable files, which you build with the commands from lines 6 to 10 and install to /usr/local/bin
(lines 11 to 17). The command-line-based Unison performs the actual sync and can be used both in the background and interactively at the command line. Finally, the unison-fsmonitor
filesystem monitor is used in case of a permanent connection between client and server. When changes are made on one page, the client informs the other side and initiates a sync immediately.
The interactive alternative with a graphical user interface (GUI) is unison-gtk
. It is especially recommended for mobile devices with only a temporary connection to the server and in case of inconsistencies between client and server. Inconsistencies inevitably arise as soon as files on both sides change for some reason without a timely sync being able to take place. Unison can no longer resolve this automatically. In such situations, the graphical client is clearer, making it easier to select the appropriate file version.
Configuring the Synchronization
The way Unison works is controlled by profile files, which can be nested if required (more about this later). These profiles follow semantics, the fundamentals of which I will explain with some examples. When you edit the files, be sure to consult the Unison manual, especially the chapters on profiles [4] and path specification [5].
As a userspace application, Unison stores its configuration in the ~/.unison
directory; it is the individual user's responsibility to design this to suit their own needs. Consequently, the Unison profile common.prf
(Listing 3) can only serve as an example; you will need to adapt it to meet your specific needs.
Line 4 in Listing 3 specifies the local directory that Unison will synchronize against the server and its directory (line 5). Line 7 defines the logfile that logs all individual adjustments.
Listing 3
common.prf
In line 9, things start to get more interesting: Lines 4, 5, and 7 tell Unison to compare the entire content of the specified directories against each other. Lines 9 and 10 explicitly exclude two paths in the client root directory (/home/<Client>
), Downloads/
and Maildir/
in this case, from the synchronization.
In addition, line 11 excludes all files and directories that have the specified pattern in their name. In this case, this means all the hidden files and directories (dotfiles) in the entire path from the root directory, for example, including the file /home/<Client>/<Folder>/.<File>
. This also includes the /home/<Client>/.unison/
directory and its contents.
However, Unison needs to keep its profiles – only the ones from the .unison/
directory – in sync. This explains why line 13 first includes .unison/
again, but line 14 excludes its content (logs and archives). Line 15 then ensures that all files ending in .prf
(i.e., the Unison profiles) are still synchronized.
Lines 17 to 19 do something similar for the hidden .gnupg/
directory. However, line 19 here explicitly includes only the three listed files in the synchronization.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
Systemd Fixes Bug While Facing New Challenger in GNU Shepherd
The systemd developers have fixed a really nasty bug amid the release of the new GNU Shepherd init system.
-
AlmaLinux 10.0 Beta Released
The AlmaLinux OS Foundation has announced the availability of AlmaLinux 10.0 Beta ("Purple Lion") for all supported devices with significant changes.
-
Gnome 47.2 Now Available
Gnome 47.2 is now available for general use but don't expect much in the way of newness, as this is all about improvements and bug fixes.
-
Latest Cinnamon Desktop Releases with a Bold New Look
Just in time for the holidays, the developer of the Cinnamon desktop has shipped a new release to help spice up your eggnog with new features and a new look.
-
Armbian 24.11 Released with Expanded Hardware Support
If you've been waiting for Armbian to support OrangePi 5 Max and Radxa ROCK 5B+, the wait is over.
-
SUSE Renames Several Products for Better Name Recognition
SUSE has been a very powerful player in the European market, but it knows it must branch out to gain serious traction. Will a name change do the trick?
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.