Sie sind auf Seite 1von 5

Using RSync between Windows and Linux hosts over SSH

Jason Clark
ver 07.04.10

Assumptions
● The RSync server (where you backup to) is a Linux box.
● The RSync client (what you want to backup) is a windows 2000 or newer machine.
● You can install software on the Windows machine and have Administrator access.
● You have port 22 (ssh) accessible on the Linux server

Software
● rsync installed on the Linux server. This is most likely already installed for you.
● cwRsync installed on the windows machines.
● openSSH installed and configured on the Linux server. It will be installed as part of the
cwRsync install on the Windows machine automatically.

Description
RSync is an extremely powerful and flexible opensource backup solution that is used in many products.
RSync is able to use encrypted connections or plain text for its transport, allows for incremental
backups and can transfer only the specific bits of a file that changed from the last backup.
RSync will run on all Unix Operating Systems, including Mac OSX, and most Windows Operating
Systems thanks to Cygwin. An RSync backup over ssh is depicted below.

RSync over ssh


1. RSync makes a list of files on the local
machine that have changed since the last time it
ran.
2. RSync makes an ssh connection to the remote
server over an IP link.
3. RSync contacts the remote server over the ssh
link and pulls down the list of files that the server
has and the last change data.
4. RSync compares the two files and creates a
transfer list of only the files that have changed. If
specified, rsync will also prepare a diff of only
the binary data of the changed files.
5. Using ssh, rsync transfers the data that has
changed from the client machine to the server.
6. RSync updates the last change data on the
server as well as on the client. The rsync
connection is dropped, the ssh connection is
dropped and rsync exits.
Preparing the Linux server
Almost every distribution already has RSync installed and configured, so the amount of change
required is very minimal. The bulk of the work on the Linux side is ensuring that you have a defined
spot where your backups will be stored, ensuring that ssh is configured to allow key based
authentication and creating a user to run your backups.

Configuring ssh
Most likely this is already done for you, but verify that ssh will allow for key based authentication by
looking at /etc/ssh/sshd_config

grep PubkeyAuthentication /etc/ssh/sshd_config


#PubkeyAuthentication yes

If your results don't match the ones above, simply edit that file to match and restart openssh.

Defining where backups will be stored


This is simply for you to remember and have available for when we configure the windows boxes. I
prefer to use /mnt/backups, but it can be any directory you choose. The important thing to keep in mind
is that you have enough disk space to be able to support your backups. If you should decide at some
point to do incremental backups, you will need to also keep those additional space requirements in
mind. For the remainder of this document, we will assume you are using /mnt/backups/

Creating a backups user


Your backups should be run as an unprivileged user that has limited access. I prefer to use a user
simply named “backups”. Since we are using ssh as our transport, the user must have a valid home
directory and shell. Run the following command as root to add the backups user.

useradd -m -s /bin/bash -d /home/backups backups

You do not need to define a password, but it may make things easier for you later on.

Preparing the Windows machine


On the windows machine, we are going to first install cwRsync, configure and test an ssh key and then
create our RSync command.

Installing the cwRSync software


This software comes with a nullsoft installer. Simply accept all of the defaults.

Configuring and testing the ssh key


Once the software is installed, login to the server as the Administrator and run the following from a
command prompt window. This will create an rsa based public and private key pair. The public key
will end up being placed on the Linux server while the private key will remain on the windows box.
Accept all of the defaults.
C:\Program Files\cwRsync\bin\ssh-keygen.exe
Generating public/private rsa key pair.
Enter file in which to save the key (/cygdrive/c/Documents and
Settings/Administrator/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /cygdrive/c/Documents and
Settings/Administrator/.ssh/id_rsa.
Your public key has been saved in /cygdrive/c/Documents and
Settings/Administrator/.ssh/id_rsa.pub
The key fingerprint is: so:me: r:an:do:m :st:ri:ng

We now need to transport the id_rsa.pub key over to the Linux server. You can do this via a
thumbdrive, FTP via binary mode, or whatever method you have available. This file should be saved
into /home/backups/.ssh/authorized_keys.

cat id_rsa.pub >> /home/backups/.ssh/authorized_keys

At this point, you have setup public key authentication between the windows machine and the Linux
server. To test, run the following from the windows machine. You should be logged into the Linux box
over ssh without being prompted for a password. If you have to type in a password, go back through
this document again and see what step got missed.

C:\Program Files\cwRsync\bin\ssh.exe backups@ip.of.linux.server


Last login: Tue Apr 10 from Cerebus
backups@file_server:~$

Final configuration and running the backup


The final piece is a dry run to make sure everything is working like it should. On the windows
machine, run the following command. Replace SERVER with the dns name or IP of your Linux box.

C:\Program Files\cwRsync\rsync.exe -auvn –delete -e ssh /cygdrive/c/


backups@SERVER:/mnt/backups
building file list...
Lots of info and some errors because we are doing a dry run
..
..
rsync error: some files could not be transferred

The command we just ran did the following.


rsync.exe -Run rsync.
-a -archive mode. Maintains owners and permissions and what not
-u -update mode. Any file that is newer on the server then on the client is not overwritten
-v -verbose. Spits lots of stuff onto the terminal so we can see what's going on
--delete -delete any file that doesn't exist on the sender to keep up with deletes on the client side.
-n -dry run. Don't actually do anything.
-e -specify the remote shell to use, in our case ssh
/cygdrive/c -our source data, the C: drive
backups@ -login as the backups user
SERVER -this should be changed to the ip or dns name of the Linux box we are backing up to.
:/mnt/backups –where we are dumping our files to on the Linux box.
Once that command has run, we can give it a real go by simply taking the “n” out of the “-auvn”
switch.

C:\Program Files\cwRsync\rsync.exe -auv –delete -e ssh /cygdrive/c/


backups@SERVER:/mnt/backups
building file list...
Lots of info and some errors
..
..
rsync error: some files could not be transferred

At this point, RSync is backing up your windows machine to the Linux server! This first backup will
take a bit of time and you will get some errors about being unable to open certain log files because
windows likes to exclusive lock logs. Once the first run has completed, feel free to run this command
again and notice how much faster it runs! RSync is now only moving the bits that have changed across
the ssh connection. This command can now be stored in a batch file and run every day at a specific
time on the windows box.

NOTE that this does NOT take care of rotating backups. The /mnt/backups directory will always store
the most current backup., giving essentially one days worth of changes. The easiest way to do rotating
backups is to exploit the hardlink support of Rsync. The command only changes by one switch and a
directory, but it does require some additional work on the Linux server side.

Preparing the Linux server for rotating backups


Going back to our Linux server, we are going to implement a cron job that will rotate a symlink for us,
allowing rotating backups. The backups are configured for 7 days of rotation with the most current
backup always being stored in /mnt/backups/current. Older backups are
in /mnt/backups/DAY_OF_THE_WEEK, or /mnt/backups/Sunday for example. It is very important
that this script gets run before the backup script is run, adjust your crontab accordingly. Copy the
following script into a file that gets run by cron once a day at least 1 hour before the backups are run.

#!/bin/bash
# Directory to backup to
DIR=/mnt/backups
YESTERDAY=`date +%A --date yesterday`
TODAY=`date +%A`
if [ ! -d $DIR/$TODAY/ ]; then
mkdir -p $DIR/$TODAY/
# Setup $DIR/current
ln -s $DIR/$TODAY $DIR/current
#setup $DIR/previous
ln -s $DIR/$YESTERDAY $DIR/previous

When run, this will create a symlink in /mnt/backups to current and previous. Now we just need to
tweak our backup command to look like this
C:\Program Files\cwRsync\rsync.exe -auv –delete –link-
dest=/mnt/backups/previous -e ssh /cygdrive/c/
backups@SERVER:/mnt/backups/current

And we now have 7 day rotating, incremental backups. You can verify that the symlink worked by
looking at the directory usage on the Linux servers backup directories

Restore is simply copying any file you want from the day of the week that you want back to your
windows machine via a thumbdrive, ftp, etc.

Das könnte Ihnen auch gefallen