Using rsync over ssh to perform backups
| August 1st, 2009Due to the low cost of hard disk space, the popular backup method is from hard disk to hard disk. When backing up systems, I use rsync to synchronize data directories from one system to another. Using SSH, this data transfer can be encrypted and even performed securely across the Internet.
The first step is to set up ssh and ssh keys. These will allow one system to authenticate to another non-interactively. Access to these keys must be tightly controlled, as they allow remote authentication.
- mkdir /root/keys
- chown root:root /root/keys
- chmod 700 /root/keys
- ssh-keygen -t dsa -b 2048 -f /root/key/`uname -n`-rsync-key
- When prompted for a passphrase, simply press enter
- scp `uname -n`-rsync-key.pub user@remotehost:/root/.ssh/
- from the remote server: cat backuphost-rsync-key.pub /root/.ssh/authorized_keys
To backup systems, I create a script in /root/bin for each remote host I am backing up. The example below is used to backup a web server’s data files and configuration.
#!/bin/sh
RSYNC=/usr/bin/rsync
SSH=/usr/bin/ssh
KEY=/root/keys/local host name-rsync-key
RUSER=remote user name
RHOST=remote host
LPATH=/data/backup/$RHOST/
BACKUPDIR=`date +%A`
OPTS=”–force –ignore-errors –delete –backup –backup-dir=$LPATH/$BACKUPDIR -az”
$RSYNC $OPTS -e “$SSH -i $KEY” $RUSER@$RHOST:/home $LPATH/current
$RSYNC $OPTS -e “$SSH -i $KEY” $RUSER@$RHOST:/srv $LPATH/current
$RSYNC $OPTS -e “$SSH -i $KEY” $RUSER@$RHOST:/etc/apache2 $LPATH/current/etc
$RSYNC $OPTS -e “$SSH -i $KEY” $RUSER@$RHOST:/etc/mysql $LPATH/current/etc
Each backed up host will have a unique directory, with a full backup in the current directory and differentials in directories based on the day of the week.