Thursday, April 30, 2009

RSync and SSH Keys - A Presentation on backups

Recently I did a presentation on RSync and RSnapshot focusing on using it for backups. You can down load the presentation from http://www.theonealandassociates.com/files/rsyncPortable.zip or if you do not have Open Office yet (a free and powerful Office suite comparable and compatible with MS Office and Word Perfect) or another application that can handle the ultra efficient open document formats, you can get the power point version (at twice the total download size) at http://www.theonealandassociates.com/files/rsyncPortable1_with_ppt.zip
The presentation is narrated and is easy to follow, but for you looking for the cliff's note version

1. You do not need to set up an rsync server to use rsync. The server function handles file browsing and other functions and set up is not required for transfers.
2. If your going to automate your backups going from one computer to another, you should implement some basic security. Moving your files over SSH for example is easy, but you need to set up a pair of ssh keys so that you don't have to enter a password to shh from one server to another. Simply perform the flowing commands from the production server (now known as Server A) and just use remote execution to perform your work on the backup server (hence forth know as Server B)
2.i) backupuser@ServerA:~> ssh-keygen -t rsa
    a) Do not enter a passphrase (just hit enter)

2.ii) backupuser@ServerA:~> ssh backupuser@ServerB mkdir -p .ssh
    a) This creates an ssh directory for the backup user on server B

2.iii) backupuser@ServerA:~> cat .ssh/id_rsa.pub | ssh b@B 'cat >> .ssh/authorized_keys'
    a) This moves the contents of your public key to the remote servers authorized keys file
    b) You can just as esaly open a second terminal window, log into server B, vi the .ssh/authorized keys file, and cut and past from the vi window of your .ssh/id_rsa.pub file on server A
2.iv) backupuser@ServerA:~> ssh b@B chmod 0700 .ssh/
2.v) backupuser@ServerA:~> ssh b@B chmod 0600 .ssh/authorized_keys
    a)If you don't restrict the permission SSH will ignore the file by default and the whole thing will fail to function.

3. Set up an automates script containing a command like
3.i) rsync -a -r -v -t -z --stats --progress -e ssh /dir/for/destination/files/ backupuser@ServerB.MyDomain.com:/dir/for/source/files/
3.ii) there are more detailed instructions for windows and Linux inside the presentation.

You can verify the whole thing is working, and trouble shoot problems, by ssh'ing witht he verbose option -vvv and looking at the recipiants logs /var/log/secure
backupuser@ServerA:~> ssh -vvv b@B
b@B sudo -tail -f /var/log/secure



Your basically done. Though the presentation fills a nice half hour time slot and provides more detail; as such I highly recommend downloading it from the links at the top of the post ;)
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)