Rdiff Backup

From Tomp Online Wiki

Contents 1 Introduction 2 Installation 3 SSH Configuration 4 Remote Destination Preparation 5 Run The Backup 6 Securing SSH

Introduction

This page documents how to setup the rdiff-backup tool, which provides the ability to efficiently synchronise files to a remote destination, and store snapshots over time.

Installation

First, install the rdiff-backup package, or get from http://www.nongnu.org/rdiff-backup.

I use rdiff-backup on the source location and synchronise to a remote destination.

This allows me to script the rdiff-backup command around LVM snapshots to get consistent backups.

SSH Configuration

You need to generate an SSH key pair on the source server:

ssh-keygen

Then copy the /root/.ssh/id_rsa.pub contents into /root/.ssh/authorized_keys on the remote server.

To allow you to specify SSH options (such as port and cipher) create a config file:

/root/.ssh/config

host mybackup
        hostname backup.server.com
        port 2222
        user root
        identityfile /root/.ssh/id_rsa
        compression yes
        protocol 2
        cipher blowfish

You should now be able to SSH from the source server to the destination server using the command:

ssh mybackup

If this does not work, check you have installed the keys correctly.

Remote Destination Preparation

Create the backup destination directory on the remote server:

mkdir /backup

Run The Backup

rdiff-backup --print-statistics /home/myfiles mybackup::/backup/myfiles

Securing SSH

Finally, once you have a working backup, you can improve the security of your remote backup server with some SSH options.

Append to the line in /root/.ssh/authorized_keys you added earlier:

command="rdiff-backup --server",from="myserver.example.com",no-port-forwarding,no-X11-forwarding,no-pty

This will prevent the owner of the private key from getting general access to the remote backup server.