Backup onto a remote computer
Ok, so you have backups on your local harddrive, for example via Snapshots using rsync and hardlinks or Backup using tar. But wouldn't it be nice to now store some of these also on a different computer. After googling a bit, this is how I copy files to the remote computer:
You need to:
- be able to setup a new user
- be able to edit sshd_config
On the remote computer
Most setup is done on the remote computer. First we add a new user, say we call him "backupuser". We then create a ssh-key so that we can log in without a password for this user.
su backupuser ssh-keygen
The idea is that we copy the public key to our computer and can then log in automatically and do a rsync backup via a cron script. The situation that a user can login without a password is not ideal, so we want to restrict what the user can do. For this we create the following script and call it "validate-rsync":
#!/bin/sh case "$SSH_ORIGINAL_COMMAND" in *\&*) echo "Rejected" ;; *\(*) echo "Rejected" ;; *\{*) echo "Rejected" ;; *\;*) echo "Rejected" ;; *\<*) echo "Rejected" ;; *\`*) echo "Rejected" ;; *backupuser@server:/backup) echo "Rejected" ;; rsync\ --server*) echo $SSH_ORIGINAL_COMMAND >> ~/rsync.log $SSH_ORIGINAL_COMMAND ;; *) echo "Rejected" ;; esac
This should allow only "rsync --server" to be executed which makes things a lot saver. Now we have to force this script to be executed whenever a user logs in. We do this by adding the following to the sshd config file:
match User backupuser ForceCommand /home/backupuser/bin/validate-rsync X11Forwarding no AllowTcpForwarding no
On the client
copy the ssh-pub-key to location A and then create a script similar to this one:
#!/bin/bash # paths and progs I use DEST=backupuser@server:/backup/ ORIG=/backup/local/weekly.0 RSYNC=/usr/bin/rsync #don't use anything else unset PATH # delete oldest snapshot $RSYNC -avz --delete-after -e "ssh -i /path/to/keyfile" $ORIG $DEST
this will upload the backup on server
to rotate the backups use the following via cron:
#!/bin/bash # paths and progs I use DEST=/backup/ RM=/bin/rm MV=/bin/mv CP=/bin/cp TOUCH=/usr/bin/touch #don't use anything else unset PATH # delete oldest snapshot if [ -d $DEST/weekly.3 ] ; then \ $RM -rf $DEST/weekly.3 ; \ fi ; # rotate other snapshots if [ -d $DEST/weekly.2 ] ; then \ $MV $DEST/weekly.2 $DEST/weekly.3 ; \ fi; if [ -d $DEST/weekly.1 ] ; then \ $MV $DEST/weekly.1 $DEST/weekly.2 ; \ fi; if [ -d $DEST/weekly.0 ] ; then \ $CP -al $DEST/weekly.0 $DEST/weekly.1 ; \ fi;