Remote backups & hell.

What I’ve been trying to do lately is copy backups from one computer in the network to another – in a different building.

I wanted to do this through sftp.

And I wanted it to be automated.

Sftp was nice enough to work with batch files easily. Cron is cool and all of that.

But SFTP did not want to accept passwords through command line.

So I played with Authenticating by Public Key via OpenSSH, as described in the previous link. Which seemed to know about stuff. Stuff that I don’t know about.

Stuff that I should’ve been wary about.

So I ended up destroying my ssh security – everyone from everywhere could log in to any account with any password.

Not good.

And I couldn’t fix it. Removing what I had done seemed to not be working.

Luckily, the fine folks at the Gentoo forums managed to help me get back on my feet. Re-emerging openssh and crushing my old config files seemed to have helped.

Then I found another fella who seemed to play with these keys (Automated backup through SSH, by Cliff Changchung Zou). Only his tutorial was using words I felt secure about.

Things such as: make a backup on computer A. get computer B to download backup from computer A.

Okay. I can deal with that.

And I did.

And it works.

And my security does not feel more compromised than it was.

(Just in case you’re a worried client – That’s why I’m having experts set up the security on the servers such as where this blog is being hosted 😛 )

2 thoughts on “Remote backups & hell.”

  1. I’d strongly suggest you look into rsync (and derivatives) for your backup jobs. rsync is usually tunnelled in ssh so you get the same security as your sftp connection; but rsync manages to transfer only "diffs" so the bandwidth (and time) needed to back up are reduced.

    Plus, some brilliant wrapper around rsync ( http://www.rsnapshot.org/ ) can do amazing stuff like a simple grandfather-father-child-type backup, using hard links (meaning that files that didn’t change from the previous backup are just links).
