rsync from remote ssh server with forwarded keys

Context

I am writing a synchronisation script to sync some web environments.

Ex: Update integration from production (mostly to fetch new database rows and uploaded files)

Some of my prerequisites are :

  • Developpers will use this script from the integration server
  • DSA keys are needed to connect to production server
  • Integration server can not store developper's private keys

Question

I want developpers to connect to integration with ssh -A to allow the script to connect to production server with their key:

+-------------+    SSH     +-------------+   rsync   +-------------+
| Developer   | ---------> | Integration | --------> |  Production |
|  computer   |            |   Platform  | <-------- |   platform  |
+-------------+            +-------------+           +-------------+
(priv DSA key)              (pub DSA key)             (pub DSA key)

It works just fine for ssh or scp, but I can't get rsync to use forwarded keys to connect to production server.

I saw similar questions but where rsync is run from user's computer and therefore ssh key file may be pointed by -i option.

My concern is not either passphrase related since this script will be run by real users (not cron)

I tried to specify remote shell to rsync like this :

rsync -e "ssh -A" user@production

But with no luck.


Solution 1:

Ok my problem was that I am "SSHing" on non standard port and I was trying to tell rsync via --port= option.

I used rsync -e "ssh -p 1337" user@host:somepath/ . instead and it works just fine out of the box.