Once upon a time, we used ufsdump to periodically backup unix file systems to tape. Tapes are rapidly becoming obsolete and its becoming more cost effective to buy two disk and use one for a backup using rsync. If you want to be even more reliable, you can backup to a disk that is on a different computer using ssh with rsync. And you can automate things by doing your backup from a cron every night.

Before you run crontab, make sure your EDITOR environment variable is set to whatever you're most comfortable with (e.g. setenv EDITOR vi). Otherwise the default is ed and only people who also compose in nroff like to use ed.

We run our cron's on the computer that has the backup disk. We like to keep a log of what happened so we use two cron commands. The first one makes sure the file exists and runs first. The second command does the actual rsync. Use the command crontab -e and add lines that look something like this:
10 23 * * * /bin/touch /dsk3/d3/shakeworm/shakeworm_sync.`date "+\%m\%d\%y" | cut -c2-3,5-6,8-9`.log
12 23 * * * /opt/sfw/bin/rsync -av --delete --rsync-path=/opt/sfw/bin/rsync -e /usr/bin/ssh shakeworm:/export/home/ew/ /dsk3/d3/shakeworm > /dsk3/d3/shakeworm/shakeworm_sync.`date "+\%m\%d\%y" | cut -c2-3,5-6,8-9`.log 2>&1

The # are comment lines and are ignored by cron.

The touch command makes sure the file exists for updating and gives it an extension based on the date.

The rsync command sync the /export/home/ew directory on shakeworm with the /dsk2/d3/shakeworm directory on the backup machine. It uses ssh to do this (requires passwordless ssh login access by the user from the backup machine to shakeworm) and it stores stdout in the log file.

Lets say you want to copy between two hosts host_src and host_dest. host_src is the host where you would run the scp, ssh or rsyn command, irrespective of the direction of the file copy!

1. On host_src, run this command as the user that runs scp/ssh/rsync

$ ssh-keygen -t rsa

This will prompt for a passphrase. Just press the enter key. It'll then generate an identification (private key) and a public key. Do not ever share the private key with anyone! ssh-keygen shows where it saved the public key. This is by default ~/.ssh/id_rsa.pub:

Your public key has been saved in /.ssh/id_rsa.pub

2. Transfer the id_rsa.pub file to host_dest by either ftp, scp, rsync or any other method.

3. On host_dest, login as the remote user which you plan to use when you run scp, ssh or rsync on host_src.

4. Copy the contents of id_rsa.pub to ~/.ssh/authorized_keys

$ cat id_rsa.pub >>~/.ssh/authorized_keys
$ chmod 700 ~/.ssh/authorized_keys

If this file does not exists, then the above command will create it. Make sure you remove permission for others to read this file. If its a public key, why prevent others from reading this file? Probably, the owner of the key has distributed it to a few trusted users and has not placed any additional security measures to check if its really a trusted user.

5. Note that ssh by default does not allow root to log in. This has to be explicitly enabled on host_dest. This can be done by editing /etc/ssh/sshd_config and changing the option of PermitRootLogin from no to yes. Don't forget to restart sshd so that it reads the modified config file. Do this only if you want to use the root login.

You can restart sshd using /etc/init.d/sshd restart.

Back to CERIComputing