Rsync is a command line utility that is used to synchronize files between two computers over a network to synchronize files between two computers, or servers. Presently, I am using it as a way to backup data from one server to a backup server. My goal here is to show a way to set up a linux server to fully, and automatically backup another server. I'm sure there are better ways to do this with more security. However given my particular application, a very small network, with two seperate firewalls to the internet, and just two users, I felt it acceptable to take this approach. Each situation must be taken into account if this is an acceptable method.
Rsync command options that I use are as follows:
After the command line options the source and the target machine and/or directory are given.
The command I use for rsync is as follows:
This example is being run from the backup server, and is told to connect as root to server with an IP of 192.168.2.201 and retreive everything in the /home2/data/ folder, and copy it
to the /home2/data/ folder of the backup server. (its VERY important you use the trailing slash after the directory) It is to use a ssh connection on port 1234. When this executes, the remote computer (server) will then ask for a password. Enter the password for the remote computer's root password.
The next step is to configure the two servers so the backup server will login automatically. This is done with "keys". Keys are basically files that (in this case..) allow automatic access of one computer into another computer. Just like a locked door has a key, key files "open" the other computer to you.
Here is how you do it:
Log on to the backup server
Generate a public and private key pair in the /root/.ssh folder with the
following command:
Copy your public key file (id_dsa.pub) from the backup server
to the /root/.ssh folder on the server (remote computer) with the following command:
Log on to the server
Copy the id_dsa file into the authorized_keys file with the following command:
Before you go any further, we need to check some permissions; or rsync may not act
correctly. The .ssh directory should have permissions of 700, and the
authorized_keys file should have permissions of 644. rsync will totally
ignore the keys if the permissions aren't correct.
Now go back to the original computer (backup server) and login via ssh using the -p
option (port). It should now prompt you to enter your passphrase instead of your password. Enter
your passphrase, and you should be logged into the remote computer (backup server).
After you have done this, you will no longer need to enter a password, or pass phrase on
this computer.
This will also be the case when rsync is run. The next step is to create a log file when
rsync is run. To do this, just redirect rsync's output to a file. like this:
rsync -av -e "ssh -p 1234"root@192.168.2.201:/home2/data/ /home2/data/
ssh-keygen -t dsa -f /root/.ssh/id_dsa
ssh-keygen will prompt you for a passphrase. This is basically the password for your
key. This is the password ssh-agent will use to authenticate to all your machines
that have your public key. After you enter your passphrase (make sure you remember it!), there should be
two files located in the /root/.ssh directory called: id_dsa and
id_dsa.pub.
scp -P your_ssh_port_number /root/.ssh/id_dsa.pub root@remote_server_name:/root/.ssh/id_dsa.pub
cat id_dsa.pub >> authorized_keys
You must be in the /root/.ssh directory to execute the above command. Also be sure to use
the double ">>" so you do not overwrite any other authorized keys you may have added to
the authorized_keys file. Remove the id_dsa.pub file from the /root/.ssh directory
rsync -av -e "ssh -p 1234" root@192.168.2.201:/home2/data/ /home2/data/ >>/var/log/rsync.log