ssh を用いたパスワードなしの自動バックアップ
ServerA から ServerB へ ssh で自動バックアップを取る。
serverA でパスフレーズ無しの鍵を作成する。
$ ssh-keygen -t dsa -N "" -f ~/.ssh/backup_from_serverA_to_serverB Generating public/private dsa key pair. Your identification has been saved in /home/userA/.ssh/backup_from_serverA_to_serverB. Your public key has been saved in /home/userA/.ssh/backup_from_serverA_to_serverB.pub. The key fingerprint is: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx userA@serverA The key's randomart image is: +--[ DSA 1024]----+ | | | + . . | | o o . . | | + . | | S + . | | . = o | | *. .. | | o++o .o | | ooo++. E | +-----------------+
serverA から serverB へ公開鍵をコピーする。
$ scp ~/.ssh/backup_from_serverA_to_serverB.pub userB@serverB:~
serverB で authorized_keys に公開鍵を追加する。
$ cat backup_from_serverA_to_serverB.pub >> ~/.ssh/authorized_keys
serverB で追加した公開鍵に制限を課す。
パスフレーズなしのこの鍵では、特定の処理しかできないようにする。
$ vi ~/.ssh/authorized_keys
from="serverA",command="cat > /backup/serverA/proj_`date +%Y%m%d_%H%M`.tar",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-dss xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
serverA でバックアップスクリプトを cron で動作させる。
$ sudo vi /etc/cron.daily/backup
#!/bin/sh
DATETIME=`date +%Y%m%d_%H%M`
echo "Archiving..."
tar zcf /tmp/proj_${DATETIME}.tgz /proj
echo "Sending the archive to serverB..."
cat /tmp/proj_${DATETIME}.tgz | ssh -i ~/.ssh/backup_from_serverA_to_serverB serverB -l userB
