Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Backup of Windows Boxes w/o Samba?

Posted by Cliff on from the data-dumps-over-a-secure-tunnel dept.

reezle asks: "I'm looking for a good (free as in beer) method to have my Debian server back up some remote Windows machines. There is no Samba in the mix; this is supposed to be a strictly secure internet thing. I've been toying with OpenSSH on the windows computers as a good tunnel, thought of simple tools like ntbackup initiated from a script on the Linux box, but not all of the pieces have come together yet. I need to have the Linux box make the connection, back up data (full and incremental backups) and have that backup data get back to the Linux machine in an encrypted format (across the wild internet). Has anyone done something like this?"

11 of 100 comments (clear)

  1. Idea, by MoOsEb0y · · Score: 3, Interesting

    Install an SSH Server on the windows machine, use SHFS to mount the remote filesystem to a directory, then use rsync to copy it.

    1. Re:Idea, by nocomment · · Score: 3, Interesting

      I do this on my linux boxes and it works really well. A quick google talks about people doing this between *nix and windows.

      --
      /* oops I accidentally made a comment, sorry */
      /* http://allyourbasearebelongto.us */
  2. Three letters: SCP. by GregChant · · Score: 4, Interesting

    Your best bet, in a cheap and dirty solution, is to use SCP. Set up a cron job to securely copy the files you need. No muss, no fuss, no samba, and all encrypted.

    1. Re:Three letters: SCP. by cookd · · Score: 3, Informative

      If you are copying 400 GB, you'll use 400 GB of bandwidth (less with compression, perhaps 200GB) each time you back up, whether or not anything has actually changed. That's very bad.

      The advantage of stuff like rsync is that it only sends the deltas over the network. I have a daily backup of my 400 GB over the net. If nothing changes, it only uses 100k of bandwidth.

      --
      Time flies like an arrow. Fruit flies like a banana.
  3. Backup by m0rph3us0 · · Score: 3, Interesting

    Use the windows backup program to have windows make the backups then have Windows copy them to the debian box via scp.

    Or.... put Samba on the Debian box, use port forwarding and the loopback adapter to create a tunnel to the samba box and have the windows backup program write to the samba share which is only listens on 127.0.1.1

    setup on windows box:
    Loopback IP: 172.168.254.1
    Real IP: XX.XX.XX.XX
    SSH port forward from Local 172.168.254.1:139 to remote 127.0.0.1:139

    Create an account for each machine on the debian box.

    Windows backs up to \\172.168.254.1\MACHINENAME

  4. Might give Unison a Try by namtro · · Score: 5, Interesting

    I've had fairly good experiences with the Unison product. It works similarly to rsync but with a few enhanced features. And I quote...

    • Unison runs on both Windows (95, 98, NT, and 2k) and Unix (Solaris, Linux, etc.) systems. Moreover, Unison works across platforms, allowing you to synchronize a Windows laptop with a Unix server, for example.
    • Unlike a distributed filesystem, Unison is a user-level program: there is no need to hack (or own!) the kernel, or to have superuser privileges on either host.
    • Unlike simple mirroring or backup utilities, Unison can deal with updates to both replicas of a distributed directory structure. Updates that do not conflict are propagated automatically. Conflicting updates are detected and displayed.
    • Unison works between any pair of machines connected to the internet, communicating over either a direct socket link or tunneling over an rsh or an encrypted ssh connection. It is careful with network bandwidth, and runs well over slow links such as PPP connections. Transfers of small updates to large files are optimized using a compression protocol similar to rsync.
    • Unison has a clear and precise specification.
    • Unison is resilient to failure. It is careful to leave the replicas and its own private structures in a sensible state at all times, even in case of abnormal termination or communication failures.
    • Unison is free; full source code is available under the GNU Public License.

    Anyway, you might give it a look...

    1. Re:Might give Unison a Try by cookd · · Score: 3, Informative

      You're taking it out of context, or maybe misunderstanding the feature. Some backup systems require OS support, so you have to install something setuid, set up a service, or hack the kernel to even get it to work. The idea is that this runs as a user (as do other programs like rsync or scp) and not as a kernel component (like a filesystem driver).

      Your interpretation: This program magically allows any user to read any file on the system without admin privileges.

      Correct interpretation: This program does not require admin privileges to install or run, and can run as any user. (Of course, the files that the program can access are limited by the user it runs as.)

      --
      Time flies like an arrow. Fruit flies like a banana.
  5. A few solutions by moosesocks · · Score: 3, Informative

    As mentioned earlier here, there are numerous SSH/SCP implementations for Win32. Search around. They're somewhat hard to find, but there's quite a few (make sure you choose one in active development. There are quite a few abandoned projects with security holes and other bugs). Honestly, I don't remember what one I use on my windows machine :) As a word of advice, do not use a cygwin distribution. They're somewhat buggy and need to run inside cygwin. The 'native' servers which link against some cygwin libraries seem to be allright though.

    There's also another easier option. But, it will cost you. Use a "real" backup program such as Retrospect which will do compression and encryption (very strong encryption if you desire) client side. More often then not, this is what big businesses use. You can then safely use smb, ftp, scp, whatever you wish

    --
    -- If you try to fail and succeed, which have you done? - Uli's moose
  6. netcat by bergeron76 · · Score: 3, Informative

    Use netcat (nc)

    A version exists for Windows (it's what the kiddee's use), but it can be used for legit purposes if done properly.

    --
    Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
  7. Bacula by DeathBunny · · Score: 3, Informative
    Use Bacula. It's a GPL'd client/server enterprise backup software. It includes clients for most versions of Unix, OSX, and Windows.


    Although the clients do not have built in support for encryption, according to the manual you can run the clients through stunnel to encrypt the traffic between the clients and the backup server. Future versions are supposed to support encryption built into the client.

  8. BackupPC by mrph · · Score: 3, Insightful
    I use BackupPC on a Debian box to backup some laptops and a server at work.
    It is highly configurable and easy to set up automatic backup routines and you can monitor operations
    using a webbased interface. BackupPC also supports various transfer methods such as rsync, samba, etc.
    and makes use of compression and pooling of files to save diskspace.

    Of course, getting some scripts using rsync over ssh or something like that won't be that hard,
    but anyway, I recommend you to check out BackupPC.