Nico Kadel-Garcia <nkadel <at> gmail.com> writes:
this. I'm particularly looking for well integrated rsync over SSH
*push* setups. rssh only supports rsync pushing with complex chroot
cage setups, for each repository, and that gets nasty fast for a
hundred chroot cages, and I've not tried using these tools to support
rsync push targets.
Any well integrated solutions out there?
Hi -
I've been developing a Unix backup program, HashBackup, for a couple of years.
The backup is created on the client, then pushed to an offsite server. You can
do the push via ssh, rsync (either with or without ssh), ftp, Amazon S3, Google
Storage, CloudFiles, etc.
The backup would be run under root on the client, creating a local HashBackup
archive on the client. On my machines, the local backup is about 50% of the
space required by the files backed up, even including 4 weeks of history, and
provides redundancy: your remote backup server would only be needed for disaster
recovery, not routine restores.
The local backup is sent offsite with rsync setup in the hb dest.conf file.
Since the backup is encrypted, you could use rsync -> rsyncd to avoid ssh
overhead. That does expose the rsync protocol and remote backup directory name
though. If you're concerned about network sniffing, rsync over ssh would be
better. You might be able to use a single userid on the backup server for all
100 clients by storing the backups in unique subdirectories with long random
names. This would prevent clients from accessing any backup directory except
their own. You would need to make sure the top-level backup directory
permission is 100 (execute-only for owner) so that if a client ssh'd to the
backup machine, they could not do an ls to see the other client directory names.
Or, make sure they can only execute rsync in your ssh authorized_keys file.
If you have any questions, I'd be glad to help you setup some tests. The beta
site is www.hashbackup.com
Jim
prirun < at > gmail.com
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
rsnapshot-discuss mailing list
rsnapshot-discuss < at > lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rsnapshot-discuss
