Re: backup system for servers

On 08/07/2010 11:38 AM, Michael P. Soulier wrote:
On 07/08/10 Jordon Bedwell said:

You don't need "Software" all you need is a simple bash script that 1.)
GZIP's everything but: proc, sys and others, 2.) signs said backup and
then encrypts it and 3.) an SSH cert to the other server and the time to
make said simple script. You can even use Perl or PHP, both of which
support being daemonized so you can do incremental backups or backups of
specific files based on changes. I usually prefer the Perl method, but
sometimes am forced to use PHP and when clients flat out refuse to let
me daemonize I tell them to do it themselves since it's not my problem
anyways I was just being nice and send them an SH script that does
exactly what I described.
Personally I pipe tar over ssh so I'm not dependent on enough disk space on
the machine being backed-up to create a local archive. Plus, it's only one
command that way.

Mike

I prefer it too but my clients need verbose lists of files that were backed up in certain places and we grep that out for their automatic emails.
In case the OP wants to know what we're on about, and so we don't stray to far off topic here is an example of piping tar to SSH:

tar cvpjf server_backup.tar.bz2 --same-owner \
--exclude=/proc/* \
--exclude=/media/* \
--exclude=/dev/* \
--exclude=/mnt/* \
--exclude=/sys/* \
--exclude=/tmp/* \
--exclude=/usr/tmp/* \
--exclude=/lost+found/* \
--exclude=/server_backup.tar.bz2 | ssh client_operator@xxxxxxxxxxxxxxxxx "dd of=server_backup.tar.bz2"

Also, to make things more secure, and so you can give clients access to their own shares, if this is the case, you can easily Chroot SSH to their client share. And just give them the SSH certificate (which they'll easily be able to get anyways if they're not dumb so it's better you go ahead and Chroot ahead of time) so they can pull down their own backups.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/4C5D9566.10202@xxxxxxxxxxxxx

Relevant Pages

  • Re: security for a home system
    ... I would recommend against allowing root ssh just in case. ... But then how do I rsync the backups? ... group adm can read everything, and I'm in group adm, should I just ...
    (Debian-User)
  • Re: backup Edge recovery media - with SSH
    ... >> media doesn't contain ssh, ... _DISATER RECOVERY_ is currently supported ... OpenServer 5 wasn't deemed that important for SSH on the disaster ... OpenServer 5 and the total number of people doing remote backups ...
    (comp.unix.sco.misc)
  • Re: looking for thread about backup using ssh -T
    ... There was a fascinating thread about using ssh to do backups to a remote ... neither know nor care what a split infinitive is, ...
    (Fedora)
  • Re: Preferred Backup Method?
    ... 80GB HDD. ... I'd probably keep backups for two weeks, so I've have two backups at any ... remote box via ssh. ... It's automatic, gpg security, and very easy. ...
    (Debian-User)
  • Re: Strange problem with DNS resolving on Squeeze
    ... if I try and SSH into one of our internal servers (which ... works from other clients) I get: ... ssh: Could not resolve hostname sambatest1.wrinehillvilla.local: Name or ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)