Automatic

Source

As promised, let's talk about automated backups to a remote server.

Let me stress, first of all: the most important characteristics of a sensible backup scheme is that the backup takes place automatically, without any user intervention. Without this automatism, the backup you'd need will be missing since it was never made. That's one of Murphy's laws which is valid strictly!

There's one very elegant and secure way to do just that, which I'll describe in the following. Note that this way is not standardized amongst the various distributions. I trust you to find the culprits and solutions for the specific distribution of interest for you ... the following, however, applies to Mandriva.

First of all, make sure that you have installed OpenSSH. Generate a SSH2-DSA key pair by executing 'ssh-keygen -t dsa' in a terminal. Set a passphrase to protect your private key! Next, issue 'ssh-copy-id server.name.xy' to copy your credentials to the remote server. Follow the instructions.

Next, install keychain as well as one of the ssh-askpass dependencies (personally, I prefer gnome-ssh-askpass). Keychain is a frontend for ssh-agent, which in turn provides a secure way of storing the passphrase of your private key. For doing that, ssh-agent creates a socket in /tmp with restrictive permissions and then checks the connections from ssh. Keychain allows you to have one ssh-agent process per system, rather than per login session. That is, keychain will ask for your ssh passphrase only upon reboot.

Now, just try and reboot. Being asked for your ssh passphrase? Good! Note that keychain also manages gpg-agent.

For automation, we utilize cron. Copy the following two lines:

#Backup
15 11,14,17,20 * * *    source $HOME/.keychain/${HOSTNAME}-sh; $HOME/bin/backup.rdiff

Save them as 'cronentry' to a temporary location. Open this file with any editor and modify the path to your backup script (which may look just like the backup.rdiff I've shown here). Furthermore, change the time (the first number indicates the minute, the second the hour of a daily backup. The above, for example, means that the backup is processed daily and each three hours between 11.15 AM to 20.15 PM.) Then, execute 'crontab cronentry' in a terminal to create your crontab entry.

That's it. You should now enjoy a fully automatic backup. If you want to change, say, the intervals of your backup scheme, use 'crontab -e'.