posts tagged as ssh

scripting rsync

Tuesday, 9 February 2010 6:45 am by noel
posted in tech | tags: , ,

here’s the script i use on secure backup runs using rsync—with a little modification to the names and ip addresses for security reasons—but everything else is essentially the same. i have to run this through cron because the server is headless—no monitor. i just access it via the ssh console or browser from another computer.

#!/bin/sh

DATETMP=`date +%Y.%m.%d`
RSYNC=/usr/bin/rsync
SSH=/usr/bin/ssh
# the private ssh key of the local computer
KEY=/rsyncuser/.ssh/id_local
RHOST=remote.ip.addr.ess
RPATH=/remotedata/
LPATH=/localdata/
LOGFILE=/rsyncuser/rlog.$DATETMP.log
# contains the file extensions of files to be excluded from the backup
EXCLUDES=/rsyncuser/localexcludes
OPTS="--exclude-from=$EXCLUDES"

# check if rsync is already running
RUN=`ps x | grep rsync | grep -v grep | wc -l`
if [ "$RUN" -gt 0 ]; then
echo rsync already running
exit 1
fi

$RSYNC -avz -e "$SSH -i $KEY" $OPTS $RHOST:$RPATH $LPATH >> $LOGFILE

i leave an entry in crontab to run the script once each day. sometimes a backup run goes longer than 24 hours so i needed to check if rsync is already running in the server. if the script doesn’t check, it will run another instance of the script and would slow down the server or, worse, brings it down completely.

i have to encrypt all data that gets transferred between the two computers via ssh just in case a naughty third party is “listening in”. i use 2048-bit encryption. processing the data—encrypt at remote; decrypt at local—is a little slower but i am more confident that the data will be safe from eavesdroppers.

i use the exclude-from option to exclude files that shouldn’t be backed up—music and movies—or else the backup will take too long especially on just a dsl line.

if you notice anything wrong with the script, please leave a comment.

note: this is repost from my old blog.

no comments

secure networking over the internet

Thursday, 21 May 2009 5:15 pm by noel
posted in tech | tags: , , ,

i use sshfs (secure shell filesystem) to connect to a remote drive or directory over the internet. what’s so cool about this program is that it presents to the user the remote drive or directory as a folder in the local computer–like it was just another folder in the user’s computer. all communication between the local and remote computer is encrypted.

to mount a remote directory to the local computer:

sshfs user@host:remotedir mountpoint

example, to mount the root directory (/) of the remote host computer with an ip address of 192.168.20.25 as the user root issue the following command on the console:

sshfs root@192.168.20.25:/ /home/noel/localmountpoint

where:
localmountpoint: is an empty subdirectory under noel’s home folder in the local computer

you’d then see a folder named localmountpoint on your desktop containing the files and folders of the remote computer. expect access to be slow if your internet connection is slow.

to unmount the remote directory

fusermount -u localmountpoint

if you don’t have sshfs installed, you can easily (apt-)get it from the repositories:

sudo apt-get install sshfs

links:
secure shell (ssh)
fuse homepage

note: this post is an expansion of my previous post about sshfs

no comments

ssh filesystem

Wednesday, 19 March 2008 11:57 pm by noel
posted in nothing | tags: , ,

ssh filesystem (sshfs) is filesystem client based on the ssh file transfer protocol.

to mount a filesystem:

sshfs hostname: mountpoint

to unmount a filesystem:

fusermount -u mountpoint

reference: ssh filesystem

no comments