Dirvish backup through ssh tunnel12 Aug 2005
For some time now I have been trying to switch to Dirvish (from rdiff-backup) mostly because you can use a limit bandwidth which is a very important factor for me. The following is an example of configuring dirvish to use a ssh tunnel to backup through.
I assume you have created a master config file
/etc/dirvish/master.conf. Lets jump right into configuring a vault
client: root@localhost tree: / xdev: 0 index: gzip image-default: %Y%m%d exclude: var/cache/apt/archives var/cache/man tmp var/tmp
All this until now is standard dirvish stuff. Now comes the tunnel part:
pre-server: ssh -f -L 20014:rivendell:22 firstname.lastname@example.org sleep 14400 rsh: ssh -o HostKeyAlias=1114 -p 20014
pre-server is a command to run before the backup starts. The command above will create a ssh tunnel through fw.emcken.dk to rivendell on port 20014 and go into the background. The
sleep 14400 keeps the tunnel open for 4 hours when idle. Don’t worry!… your backup won’t be terminated if it is still in progress after 4 hours. The tunnel will be kept open for as long as the runnel is in use. The remote execution is just an ugly hack to ensure that the tunnel is automatically closed after use.
rsh is the important stuff. The
-o HostKeyAlias=1114 makes us able to connect to localhost without being told that someone might be trying to do a ‘man-in-the-middle attack’ and refuse to connect to the tunnel. But to use HostKeyAlias we need to specify this in
/root/.ssh/config more on this further down.
-p 20014 specifies the port we want to connect to.
The following might be useful when making backups over the internet:
zxfer: true speed-limit: 90
zxfer compress all data transmitted and
speed-limit limits the bandwidth that dirvish will use.
Now to complete the setup the machine being backed up is defined in
Host rivendell Port 20014 HostKeyAlias 1114
This is placed in root’s home dir because (on my system) root (cron) runs my backups. It is possible to create a separate user for it but I didn’t think it nessesary.
Now when you have copied your public ssh key to the machine that is going to be backed up, you are all set.
Dirvish backup through ssh tunnel by Jacob Emcken is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.