[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] How to run duplicity with a Cron Job
From: |
jonathan . w . smith |
Subject: |
Re: [Duplicity-talk] How to run duplicity with a Cron Job |
Date: |
Thu, 01 Sep 2005 16:32:47 +0000 |
Thanks again for the consideration of a reply
Whether I access the backup machine by means of 'ssh -l source1
your.backup.machine' or 'ssh address@hidden', I am prompted for my account
password on the backup machine, which, if I enter the correct password, I then
have access to the backup machine.
The password prompt is a different prompt than the one that I get when I use a
remote backup script to ask duplicity to create a backup. That prompt is "Enter
passphrase for key '/root/.ssh/id_rsa':"
I hope that is clear. I do get confused.
I was confused in your example when you gave the user the name of source1 on
the backup server. This was the same name as the example of a name for a server
that was the source of files to be backed up.
Just to show you how stupid a user I can be!
-------------- Original message ----------------------
From: Mitchell Perilstein <address@hidden>
>
>
> Jonathan W. Smith wrote:
> > 4. Are you able to simply "ssh remote_machine -l root" doing the same thing
> > your cron job will do?
> >
> > That one threw me. I will have to read the man for ssh to try to understand
> > better that suggestion. I do know that I lack and always will lack root
> > privileges on the machine to where I am asking duplicity to place an
> > encrypted, compressed backup.
>
> Here's what I do to duplicity from a variety of source machine "SOURCE1",
> SOURCE2, etc. as
> root to one backup machine BACKUP with no root usage on BACKUP.
>
> 1. make a plain user account on the backup machine called SOURCE1.
>
> 2. as root on source1, ssh-keygen -t dsa
>
> 3. copy source1 root's id_dsa.pub to source1's authorized_keys file on the
> backup machine.
>
> 4. as root on source1, you should be able to do this:
>
> ssh -l source1 your.backup.machine
>
> which means go there as that user. Notice I didn't mention passwords. If
> you
> give a
> password in step 2, you'll need to mess with the agent as you've discovered,
> on
> every
> source host. If you don't give a password, there will be no agent required
> to
> have
> password-less SSH to backup host. This means someone could get user access
> on
> your backup
> machine by stealing root's .ssh directory on any of your source machines, but
> not root
> access immediately.
>
> In either case, you might want to have the source users run in some kind of
> chroot jail on
> the backup machine. They only neeed to run a few programs.
>
> 5. Once you can shell to the backup machine with no password, duplicity is
> ready
> to run
> from cron. Your cron script can do something like this:
>
> #!/bin/sh
> myname=`hostname`
> server=your.backup.machine
> duplicity ... source specs ...
> scp://address@hidden//home/${myname}/backups
>
>
> hope this helps someone,
> --
> Mitchell Perilstein
> Partner
> ACE Technology Group, LLC
> http://www.acetechgroup.com
> (866) 229-1543 x11
>
--- Begin Message ---
Subject: |
Re: [Duplicity-talk] How to run duplicity with a Cron Job |
Date: |
Thu, 1 Sep 2005 15:34:12 +0000 |
mitch.vcf
Description: Vcard
--- End Message ---