RSYNC Setup for Offiste Backup Copying | Linux
Summary
Run RSYNC for Offsite Backup copying from SiteA-Server to SiteB-Server
How-to
1. Create an Account on SiteB-Server
2. Create an RSA Asymmetric Key on SiteA-Server:
Copy the public key to SiteB-Server, then:
Or:
3. Set the authorized key, and sshd on SiteA-Server
Edit /etc/ssh/sshd_config. Only allow UserB from SiteA-Server:
4. Set RSYNC to run the task daily on SiteB-Server
Update
Run RSYNC for Offsite Backup copying from SiteA-Server to SiteB-Server
How-to
1. Create an Account on SiteB-Server
useradd {USERNAME}
passwd {USERNAME}
passwd {USERNAME}
2. Create an RSA Asymmetric Key on SiteA-Server:
# Private Key: ~/.ssh/id_rsa
# Public Key: ~/.ssh/id_rsa.pub
#
#@ref https://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths
ssh-keygen -b 4096 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/UserA/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/UserA/.ssh/id_rsa.
Your public key has been saved in /home/UserA/.ssh/id_rsa.pub.
The key fingerprint is: {KEY}
The key's randomart image is:
+--[ RSA 4096]----+
| |
| [.........] |
| |
+-----------------+
# Public Key: ~/.ssh/id_rsa.pub
#
#@ref https://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key_lengths
ssh-keygen -b 4096 -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/UserA/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/UserA/.ssh/id_rsa.
Your public key has been saved in /home/UserA/.ssh/id_rsa.pub.
The key fingerprint is: {KEY}
The key's randomart image is:
+--[ RSA 4096]----+
| |
| [.........] |
| |
+-----------------+
Copy the public key to SiteB-Server, then:
scp ~/.ssh/id_rsa.pub UserB@SiteB-Server
Or:
scp ~/.ssh/id_rsa.pub UserB@SiteB-Server:~/.ssh/authorized_keys
3. Set the authorized key, and sshd on SiteA-Server
touch ~/.ssh/authorized_keys
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
rm ~/id_rsa.pub
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
rm ~/id_rsa.pub
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
Edit /etc/ssh/sshd_config. Only allow UserB from SiteA-Server:
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
AllowUsers UserB@SiteB-Server
AuthorizedKeysFile .ssh/authorized_keys
AllowUsers UserB@SiteB-Server
4. Set RSYNC to run the task daily on SiteB-Server
crontab -e
0 23 * * * rsync -avz -e "ssh -p22" --del /backup-storage/ UserB@SiteA-Server:/backup-storage/ > /dev/null 2>&1
0 23 * * * rsync -avz -e "ssh -p22" --del /backup-storage/ UserB@SiteA-Server:/backup-storage/ > /dev/null 2>&1
Update