Linux / Fedora Core: How To Use rdiff-backup To Pull Backups

rdiff-backup is a popular, free, open source mirroring and incremental backup system for posix based operating systems like linux & Mac OS X. It uses rysnc algorithm through librsync but it doesn’t use rsync. The documentation of rdiff-backup focuses on push model for backup where client machines pushes their backup data to backup server. This model is problematic when the backup server is on a well protected secure network behind a firewall. Client machines on external servers cannot easily connect to a machine behind firewall without punching a hole which reduces security of the system. A better alternative is to use the pull model where the backup server requests for backup from client machine, at regular intervals, over secure ssh connection.

The steps are as follows:
1. Create a account on the backup server just for backup purposes. I named mine backup. The account password should be disabled. For example you might have the following entries in your passwd/shadow files:

/etc/passwd
backup:x:99:99:backup:/backup:/bin/false
/etc/shadow
backup:!!:12644:0:99999:7:::

A simple way is to create the account using useradd.

2. Setup ssh to allow you to login without password from your backup server (backup account) to client machines which you want to backup.

3. Install rdiff-backup on your backup machine as well as on all the client machines

3. Create an ssh config alias, for each client machine, which defines how to contact client with the backup key. Place the following, per client machine, into /backup/.ssh/config:

host client1-backup
hostname client1
user root
identityfile /backup/.ssh/id_rsa
compression yes
protocol 2

4. Perform a test backup
rdiff-backup client1-backup::/tmp client1-backup

5. Setup cron job for unattended daily backup

There is much more you can do to further customize the process. However the steps above should get you started.