how to 🪄

How to automatically Backup Your Files to a Remote Server with Rsync.

The Rsync command on Unix-like operating systems synchronizes files from a source to a destination, either locally or remote network connection. Rsync is a file-copying program that is both quick and flexible.

Gabriella Bennett, Scarlett Clarke, Aleksandra Sloan, yannick Coffi, Kenzo Kylo

Dec 14, 2023 • 6 min read

Rsync has a plethora of settings that allow you to fine-tune every element of its behavior. It is well-known for its delta-transfer algorithm, which lowers the amount of data transferred over the network by transferring just the differences between the source and destination files.

Have you become bored of doing manual backups on a daily or monthly basis? Have you ever gotten yourself disconnected during a transfer? – Not a problem. Rsync continues the process once the connection is restored.

If that's the case; this tutorial will be in handy.
Let's now dive into it; considering our remote host is using Port 2222 instead of the default 22.

Install RSYNC.

First, make sure rsync is installed.
Run the following command:

$ rsync --version

OUTPUT

rsync  version 3.2.7  protocol version 31
Copyright (C) 1996-2018 by Andrew Tridgell, Wayne Davison, and others.
Web site: http://rsync.samba.org/
Capabilities:
    64-bit files, 64-bit inums, 32-bit timestamps, 64-bit long ints,
    socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,
    append, ACLs, xattrs, iconv, symtimes, prealloc

rsync comes with ABSOLUTELY NO WARRANTY.  This is free software, and you
are welcome to redistribute it under certain conditions.  See the GNU
General Public Licence for details.

If you get a similar output as the one above you are all set for the next section.
Otherwise, you need to install.

$ sudo apt update && sudo apt -y install rsync

...
..
.

Generate our SSH Keys.

To authenticate the connection between our local host or a remote server, we will need an SSH key.
Basically; in the SSH protocol, an SSH key is an access credential. Its role is similar to that of user names and passwords, although the keys are typically used by system administrators and power users for automated operations and enabling single sign-on.

Run the following command to generate a new SSH key on your local machine.

$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/rsync.key

-----BEGIN OPENSSH PRIVATE KEY-----

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in rsync.key
Your public key has been saved in rsync.key.pub
The key fingerprint is:
SHA256:3VLyG9zRxcbVuxOhqJTl6GHs+E4Sg/3fTJwk1xXCSkM xxxx@xxxxxx
The key's randomart image is:
+---[RSA 4096]----+
|          .E.. +=|
|           + ..oB|
|        . B = o.=|
|      o  O X o.+.|
|     . +S =.=o..o|
|       .++ .=o.o |
|       ..o  .+  .|
|        o.. +    |
|        .. . o   |
+----[SHA256]-----+

here:

-t : specifies the type of key to create.
The possible values are ''rsa1'' for protocol version 1 and ''rsa'' or ''dsa'' for protocol version 2.

-b : specifies the number of bits in the key to create.
For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
Generally, 2048 bits are considered sufficient.
DSA keys must be exactly 1024 bits as specified by FIPS 186-2.

-f : specifies the filename of the key file.

When prompted for a password, leave it blank and hit the Enter key twice.
This will generate two new files within your ~/.ssh/ directory: rsync.key which is the private key, and rsync.key.pub, the public key.

The private key should always be kept in a safe place and never be shared with anyone; NEVER EVER.
It's essential for data integrity.

Set up the Remote Server.

To allow both hosts to be authenticated, the public SSH key that we generated earlier needs to be copied over to the remote server.
We can do this in 2 ways.

1. We can use the scp command.

$ scp -pv -P 2222 ~/.ssh/rsync.key.pub remote-server@192.168.0.XXX:destination/.ssh

here:

-p: preserves modification times, access times, and modes from the original file.

-v: verbose mode.
Causes SCP and SSH to print debugging messages about their progress.
This is helpful in debugging connection, authentication, and configuration problems.

-P: specifies the port to connect to on the remote host.
Note that this option is written with a capital "P", because -p is already reserved for preserving the times and modes.

Rename the rsync.key.pub file to authorized_keys ONLY if the file authorized_keys is not already present.

$ mv rsync.key.pub authorized_keys

2. We can manually copy and paste the public SSH key line from our ~/.ssh/rsync.key.pub file.
We should see one large line that looks something like this.

$ cat authorized_keys

OUTPUT

ssh-rsa SNUBMONKEYzaC1yc2EAAAADAQABAAACAQDNhyYKsjcGGdXmzOM3742+c+TzMLFdZtrMPj1
q6JWNWzgY/gTGVy1C72kw6BcTYSG8B8kLQlaBRl16m2Gm8Ra/U1wl0TYSufOnRKjGq2g
lnBPysWNzR6i9qd4h/byKa4ptNH/ieYkT+BnSJVo8fT0iboYwEaL9D0jPtYxFzZes2cts
GZ/zi78VlX9N224YBtoZcrxK6gzKtcIVrplsXt4MbMCPc0hfr9f2VMt0HignLphTDLQWK"
wF3sGi4OHDPzNTRkjyHazsIOFIKDLQgdsIJv7b2VMs028YDqPnXHZZl4Ix5vg8ssqE+s/
J+rzS0B6gwj2b/f6Seq42ds7dh76iU/LOraWJWJhKPIjCYHdaVqj5rgxSulUW6oqr/
LOxMNwsj5NLpyKygr5/RVjCUpxQLw5G7AClmW5nOZDFUgtI1CAOzhG8oYQes7jE7ZbQ
KmMf9IGquNV1BCRGX2mbcYad77UE2IjzPqSG8pFGb7ekZA6ukUk61fqoheL4Zl2jmhh
WoXQ09LZE9FNfr1UwIoZ+GwUcip8NPIZPSo+Z4yMB/5VNF7J0o76eTNwh0gZlEw==user@host

This longline is our public SSH key.

Copy it to your clipboard, and within your remote server run this command.

$ echo "ssh-rsa SNUBMONKEYzaC1yc2EAAAADAQABAAA... user@host" > ~/.ssh/authorized_keys

here:

The output of echo will be redirected to the file authorized_keys.
We achieve this by using the > or >> operators for output redirection.
If we want to append the output to an existing file, we use >> instead of >.

Of course; the text between the quotation marks needs to be replaced with your own public SSH key line.

That's it, our local host can only now be able to authenticate with our remote server.

Configure our SSH config file.

The configuration file provides default connection information for a given host which avoids having to enter connection details manually.
A chain of numerous host settings and wildcards allows you to create default values for all servers or add custom parameters for individual servers.

Now, let's add those entries to our ~/.ssh/config file on our local host to easily connect to the remote server.

$ nano ~/.ssh/config

and add the following and save.

host backup_server
   Hostname 192.168.0.XXX
   User snubmonkey
   IdentityFile ~/.ssh/rsync.key

Change the Hostname to your remote server IP address, as well as the username; here User.
You may use anything you wish for the Host; again, here we've used "backup_server".

Also, make sure to give the appropriate read and write permissions to the current user only.

$ chmod 600 ~/.ssh/config

or

$ chmod a+rwx,u-x,g-rwx,o-rwx ~/.ssh/config

Save and close the file.

Test your SSH connection.

Run.

$ ssh -e 'ssh -p 2222' backup_server

Assuming everything is set up correctly, we should now be logged into your remote server via SSH.
Omite -e 'ssh -p 2222' if you are using SSH default port.
Close the connection with the exitcommand.

Sync. your files.

For the sake of this tutorial, we will create a test directory and some 1,000 empty files on our local host:

$ cd ~
$ mkdir snubmonkey_backup && touch snubmonkey_backup/file{1..1000}

or

$ mkdir snubmonkey_backup
$ cd snubmonkey_backup
$ touch file{1..1000}

The && characters play special roles depending on the success or failure of previous commands. The && characters will ensure that the command on the right will run only if the command on the left has succeeded if not, the second command will not run.

We now have 1,000 empty files within our snubmonkey_backup directory.

$ ls snubmonkey_backup | wc -l

OUTPUT

1000

Now, let's test the rsync functionality which is very straightforward and operates in a way that is similar to ssh, scp, and cp.

Change the downloads directory to whatever you wish your backup to be named.

$ rsync -avgtRH -e 'ssh -p 2222' ~/snubmonkey_backup/ backup_server:~/downloads/

OUTPUT

sent 53,696 bytes  received 22,050 bytes  50,497.33 bytes/sec

Again; omit -e 'ssh -p 2222' if you are using the SSH default port.

here:

-a : archive mode. This is equivalent to -rlptgoD.
It is a quick way of saying you want recursion and want to preserve almost everything.

-v : verbose mode.
Will give you information about what files are being transferred and a summary at the end. Two -vv options will give you information on what files are being skipped and slightly more information at the end.

-g : this option causes rsync to set the group of the destination file to be the same as the source file.

-t : this tells rsync to transfer modification times along with the files and update them on the remote system.

-R : uses relative paths.
This means that the full path names specified on the command line are sent to the server rather than just the last parts of the filenames. This is particularly useful when you want to send several different directories at the same time.

-H : preserves hard links.
Without this option, hard-linked files in the source are treated as though they were separate files.

-e : this option allows you to choose an alternative remote shell program to use for communication between the local and remote copies of rsync.
Typically, rsync is configured to use ssh by default.

Log in to your remote server, you should see your new synced snubmonkey_backup directory, under the downloads directory.
As we have mentioned earlier; each time you run the above command, only files that have been modified since the last time will be uploaded, you're not constantly uploading the entire contents of the directory.

BONUS
Automate via Crontab

In short, we use crontab to schedule tasks to run automatically at specific times. Now that everything has been tested and is working well, we can easily automate the entire process by adding a crontab task to our local host.

Let's say we want our backup to automatically sync our local folder to the remote server each day @ 9 p.m.

$ crontab -e

and add the following:

$ 0 */21 * * * /usr/bin/rsync -avgtRH -e 'ssh -p 2222' ~/snubmonkey_backup/ backup_server:~/downloads/

Change the downloads directory to whatever you wish your backup directory to be named.

/usr/bin : contains executable files that are not part of the core operating system.
rsync : the name of the program. These are considered to be "system-wide binaries".

To locate an executable file and display its path we use the which command.

$ which rsync

OUPUT 

/usr/bin/rsync

As seen, you can use rsync to create complicated backup processes and fine-grained control over what is transmitted and how it is sent if you know how to use it.

That will be it.
Thanks for stepping by and happy holidays.