Laptop Backup via Rsync + SSH

I was playing around with rsync the other night. Now I have a scripted command so I can backup folders from my laptop back to the external harddrive on my iMac at home. You can find the command below.

We need to assume you have done several a couple of things to improve the security of your SSH at home.

  1. Moved from the standard tcp 22 port to a new port: example 5346
  2. Turned off password authentication in favor of public-private key authentication.
  3. Have your ssh private key saved somewhere on your laptop simple like the default ~/.ssh folder. The default keyname is id_rsa if you generated your key with a command like
    ssh-keygen -t rsa
  4. The folder we want to backup is called Documents just in our home folder on our Apple Powerbook.
  5. We will assume you registered a Dyndns name for you home machine.: example home.homedns.org
  6. The username on your home iMac or *nix box is: username
  7. The external drive is called: ExternalDrive

Here is the command you would issue on your Mac or *nix laptop. It should all be on one line. The best part is that it will take a while depending on how much stuff you have in your Documents folder. After that it will only sync over the changes. Perfect when away from home and you want a backup safely off your laptop.

rsync -avrz -e “ssh -p 5346 -i .ssh/id_rsa” Documents username@home.homedns.org:/Volumes/ExternalDrive/Backups/Powerbook

Share

4 Replies to “Laptop Backup via Rsync + SSH”

  1. Even better, get rid of the -e flag and use the key loaded into your ssh-agent. Set the port preference for the host in ~/.ssh/config and lose that too.

  2. Even better, get rid of the -e flag and use the key loaded into your ssh-agent. Set the port preference for the host in ~/.ssh/config and lose that too.

  3. Actually the port is on purpose. I dont want to change the default port. When in my home I keep it on 22. It’s only from remote that the port is mapped to a non standard to help avoid automated ssh scanning and exploits. I don’t have to type my key passphrase often enough that I need to run an agent.

  4. Actually the port is on purpose. I dont want to change the default port. When in my home I keep it on 22. It’s only from remote that the port is mapped to a non standard to help avoid automated ssh scanning and exploits. I don’t have to type my key passphrase often enough that I need to run an agent.

Comments are closed.