Remote Network Backup

From EGEE-see WIki

Jump to: navigation, search

This document describes various (?) methods for remote network backup

ssh + rsync

This is an example of remote backup using rsync over ssh with public key authentication.

Fix a backup account at the receiver: 

root@remote# groupadd backup
root@remote# useradd -g backup                                \
                     -c 'account for automated remote backup' \
                     -d /home/backup                          \
                      backup

Create a key pair at the sender: 

root@local# cd .ssh/
root@local# ssh-keygen -t rsa -b 2048 -f backup_id_rsa
root@local# scp backup_id_rsa.pub remote:home/backup/

Allow remote logins with the public key at the receiver: 

 backup@remote$ echo                                          \
                command=\"/home/backup/bin/validate_cmd.pl\"  \
                `cat backup_id_rsa.pub`                       \
                > .ssh/authorized_keys

You can create the validate_cmd.pl script so you can filter which commands will be executed. The script could look like this: 

#!/usr/bin/perl -w
# simple script to validate commands
# executed using public key authentication
# (check .ssh/authorized_keys)

my $cmd  = $ENV{SSH_ORIGINAL_COMMAND};

if (defined($cmd)) {
       if( $cmd =~ /^rsync --server -\w+ \. backup_dir$/ ||
           $cmd =~ /^true$/ ) {
               exec $cmd;
       }
}
 
exit 0;

Finally you must create a crontab to execute the backup command: 

rsync -e 'ssh -i .ssh/backup_id_rsa'  \
      -az /foo/bar/dir_for_backup     \
      backup@remote:backup_dir
Retrieved from "http://wiki.egee-see.org/index.php/Remote_Network_Backup"
Personal tools