Rsync Offsite backup

[Overwan]

Hi all,

I'm interesting to configure offsite rsync backup to NAS. Can someone help me to config rsync script ?

Thanks,
Daniel

 

[heutger]

I use a backup script and lftp sync, see my features request thread. I can't help with rsync.

 

[Overwan]

When I run script it appears

ssh_exchange_identification: Connection closed by remote host
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(226) [sender=3.1.1]

Can help ?

 

[upnort]

Did you copy the public SSH key into .ssh/authorized_keys? If you do not have permissions to copy the key but have SSH password access then look at the sshpass command if you want to script the rsync command.

 

[Overwan]

I have shared public key between proxmox and NAS and I confirm public key is associated on authorized keys.

How Can I use sshpass command ?

Thanks.

 

[upnort]

Before using sshpass, verify you can manually SSH into the NAS. Use the verbose option to see the full SSH handshake output. Simple things to check include:

* Verify the SSH daemon is running on the NAS.

* nmap scan the NAS to verify port 22 is open.

* Verify the public key is copied to the correct .authorized_keys file. That is, if trying to connect as root then /root/.ssh/authorized_keys. If as a non-root user then /home/$USER/.ssh/authorized_keys.

* If you are connecting to the NAS as root, be sure to configure sshd_config correctly with PermitRootLogin prohibit-password. This configures the NAS SSH daemon to only use key pairs. Before changing that parameter be sure you can SSH into the NAS with the root password.

Remember that SSH defaults to the same user name. If you are logged in as non-root user and are trying to connect on the NAS as root, then the different user name must be part of the SSH command. For example, if you are logged in as overwan but are trying to connect to the NAS root account:

ssh -l root nas_hostname
OR
ssh root@nas_hostname

If you use more than one key pair then you need to explicitly tell the ssh command which key to use. That is done using the -i option.

You can create a slew of aliases by configuring different SSH connections in $HOME/.ssh/config. This is convenient because a simple ssh aliasname is all that is needed rather than typing the full ssh command string. For example,

Host nas_hostname
    HostName nas_hostname
    User root
    IdentityFile ~/.ssh/name_of_different_key
    ForwardX11 no
    Compression yes

The sshpass command might not be installed. Install with the appropriate package. Then the command string will look something like this, but tweak as needed for your purposes.

sshpass -p ${REMOTE_PASSWORD} rsync ${RSYNC_OPTIONS} ${EXCLUDE_DIRECTIVE} \
   $LOCAL_DIR/* ${REMOTE_USER}@${SSH_ADDRESS}:${REMOTE_DIR}

A drawback with using the sshpass command is the script needs to contain the password. The script can be written to prompt users for the password so the password is not hard-coded into the script.

Using key pairs is best for security. Even better is to protect the private key using a pass phrase. That way if the local client system is compromised the person will not be able to use the key pairs without knowing the pass phrase.

I hope that helps.

 

[r.jochum]

n1 @upnort

 

[Overwan]

Thanks finally it works !

Now I want to add some complexity to cron job.

Basically I have local backups (vzdump - history 5 Backups) everydays. Rsync (offsite backup) should run only last one from every virtual machines.

File Type: vzdump-qemu-VMID-date.vma.lzo

Someone can help ?

 

[upnort]

Look at ls -tr piped to tail -n1. Or, at the NAS, delete the oldest rsync backup with head -n1 if the number of backups exceeds 5 (if [ `ls -1 $rsync_dir | wc -l` -gt 5 ]; then ...).

 

[Overwan]

Finally It works ! But theres a issue with data speed. How can I increase speed ?