
Ransomware

In an ideal world, everyone would be informed and intelligent, and there would be no sociopaths. But in reality computer users are not normally technically adept: to them their computer is just a thing they use to get work done or for entertainment, and they treat it like a radio, television, or coffee maker. In a real work environment, until something really bad happens, people use Windows XP ten years after Microsoft stopped supporting it, never apply updates because ‘they are too annoying’ and ‘people are busy’, and click on everything just to see what happens.


Backup using rsync with non-standard ssh port

*nix systems have rsync to back up or synchronize (mirror) their files to a backup computer. For example, I can back up the files on my home computer to my office computer. rsync does not copy files that have not changed. The syntax is something like:

rsync -avzhe ssh /home/mydir/ mylogin@myserver.org:/home/mydir/ 

The -a is archive, same as for cp. -v is verbose so you can see each file in process and how long until it is finished. -z compresses the data in transit and -h prints sizes in human-readable units. The -e lets you specify the remote shell used as the transport, in my case ssh.

Note: SSH must be working on both systems for rsync to work over SSH. Also note that OpenSSH can be unreasonable and unobvious about permissions: the target login directory (example: /home/mylogin) must NOT be writable by group or other. Mostly this will not be a problem; chmod 0755 /home/mylogin will work. BUT also note the /home/mylogin/.ssh folder MUST be 0700 (or possibly 0744) and the /home/mylogin/.ssh/authorized_keys file must be 0700. Otherwise SSH simply returns “Permission denied (publickey).” and refuses to connect. Yeah, someone didn’t think that one through all the way.
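
The script below is an added example, not part of the original post: it checks the three paths named in the note above for write permission by group or other, the condition on which sshd's StrictModes check refuses key logins. The function names check_ssh_perms and mode_of are hypothetical, and GNU or BSD stat is assumed.

```shell
#!/bin/bash
# Added example (not from the original post): report which of the paths
# sshd inspects for public-key logins are writable by group or other.
# check_ssh_perms and mode_of are hypothetical helper names.

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Usage: check_ssh_perms /home/mylogin
# Returns 0 when the login directory, .ssh and authorized_keys are all safe,
# 1 when any of them is group/other-writable, 2 when one of them is missing.
check_ssh_perms() {
    local home=$1 result=0 path mode
    for path in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if [ ! -e "$path" ]; then
            echo "MISSING  $path"
            return 2
        fi
        mode=$(mode_of "$path")
        # 022 octal = group write bit (020) plus other write bit (002)
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "UNSAFE   $mode $path (fix: chmod go-w)"
            result=1
        else
            echo "ok       $mode $path"
        fi
    done
    return $result
}

# Run the check when a login directory is given on the command line.
if [ $# -gt 0 ]; then
    check_ssh_perms "$1"
fi
```

Run it on the remote system as the backup login whenever a key that used to work starts returning “Permission denied (publickey).”
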
Note: you can pull / push files around a few at a time, without checking dates and such, by using scp. It is like the copy command, cp, but works through ssh. Format example:

scp mylogin@mydomain:/myfilename .

I had a couple of problems when I tried rsync initially:

  1. It wiped out my ssh credentials (2048-bit key in /home/mydir/.ssh/authorized_keys) on the remote system by copying the .ssh/authorized_keys in my local system right over the top of it. It is probably not a good idea to copy your hidden folders up to the remote system.
  2. I use non-standard port numbers for ssh to make hacking me a little more interesting and I found nothing obvious in the docs about how to do it.

I solved these problems in the little script below and also email myself a report when it is done. Note the app I used to send the email is “sendemail” with an “e” in the middle, not “sendmail”: I removed mailutils because I do not run mail servers at this time and that makes it a bit more interesting to hijack my systems for spamming since there is no app to send the spam — remove all programs you don’t need to reduce vulnerabilities. The sendemail program can be installed from the repositories.

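#!/bin/bash
# Nightly mirror of /home/mydir to the backup server over ssh on a
# non-standard port, followed by an emailed report.
# The SMTP password below is stored in plain text: keep this script
# readable only by its owner (chmod 700).
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
DEBIAN_FRONTEND=noninteractive
#
NOW=$(date +"%Y%m%d-%H%M%S")
LOGDIR="/home/mydir/log"
LOGME="$LOGDIR/rsync-$NOW.log"

# Make sure the log folder exists before rsync writes to it
if [ -d "$LOGDIR" ]
then
    echo "Log folder located at $LOGDIR"
else
    echo "Creating log folder at $LOGDIR"
    mkdir -p "$LOGDIR"
fi

echo ===
echo "$HOSTNAME batch job nightly mirror to my backup server $NOW"
echo ===

# -e 'ssh -p2222' runs ssh on port 2222 instead of the default 22.
# --exclude='\.*' skips every name starting with a dot, so the local
# .ssh/authorized_keys is never copied over the one on the remote system.
rsync -avzhe 'ssh -p2222' --progress --exclude='\.*' /home/mydir/ mylogin@myserver.org:/home/mydir/ >"$LOGME"

# Replace port# with the port number of the mail server
sendemail \
-f "$HOSTNAME@myserver.org" \
-t receiver@mydomain.com \
-u "$HOSTNAME Nightly Mirroring Report" \
-s my-mail-server.net:port# \
-xu "sender@mydomain.com" \
-xp "my-password" \
-o message-file="$LOGME"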