Slashdot Mirror

← Back to Stories (view on slashdot.org)

Network-based Encrypted Backup in 15 Minutes

Posted by ryuzaki0 on from the avoid-the-noid dept.

Amanda writes "Many of us plan for mundane (but important) tasks like setting up backup during long weekends. Much of it is because of complexity and cumbersome nature of the tasks involved. This article shows how to quickly and securely set up a network-based backup, all using freely downloadable software tools like Amanda, Samba and Tar."

25 comments

  1. 15 Minutes for a Pizza? by neonprimetime · · Score: 4, Funny

    The 15-Minute Backup Solution
    Secure Network Backups in a Heterogeneous Environment in the Time it Takes to Have Pizza Delivered

    That's some crazy Sh!t ... Round here it's more like 1 hour

    1. Re:15 Minutes for a Pizza? by ReverendLoki · · Score: 0
      That's some crazy Sh!t ... Round here it's more like 1 hour

      To what, run a backup, or have a pizza delivered? Be more specific, man!

      --
      09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    2. Re:15 Minutes for a Pizza? by snax · · Score: 3, Funny

      OK, then, how about Thai? I swear they know what I want before I do....

    3. Re:15 Minutes for a Pizza? by ReverendLoki · · Score: 1

      Following up my own post: Yeah, If I had read the comment's title, I would have had my questioned answered. Hey, I already read the summary, and am reading the article... next you'll want me to read comments before I respond to them.

      --
      09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
    4. Re:15 Minutes for a Pizza? by neonprimetime · · Score: 2, Funny

      Pathetic. You coulda read the summary, article, and my post in the time it takes to deliver a pizza.

  2. Hi, Senator Stevens! by Tackhead · · Score: 1, Interesting
    > This article shows how to quickly and securely set up a network-based backup, all using freely downloadable software tools like Amanda, Samba and Tar."

    So you want to talk about the consumer? Let's talk about you and me. We use this internet to communicate and we aren't using it for commercial purposes.

    You're goddamn right we do, Senator Stevens, and services like this are why you're wrong on Network Neutrality. It's got nothing to do with video on demand, and everything to do with your campaign sponsors trying to legislate innovation out of existence.

    1. Re:Hi, Senator Stevens! by JimmytheGeek · · Score: 1

      Stevens is a scumbag. During hearings on price gouging, Sen. Cantwell wanted to put them under oath Stevens shut her down. Then they lied. Stevens made it possible. They pissed all over Congress, and the U.S. public, and Stevens held their dicks.

  3. It only takes 15 minutes... by Homology · · Score: 2

    if you already know your backup needs, know the applications your are using for backup, know how to configure the applications and don't do any testing that your backup actually works.

    The article is nothing but a stunt.

  4. 15 minutes?!? There's a catch. by sakusha · · Score: 3, Insightful

    The catch is, it's supposed to take 15 minutes to SET UP the backup system, not to actually PERFORM the backup.

    I suspect it will be a long time before I have a fast enough network connection to back up my (90% full) 950Gb RAID over a network in 15 minutes. And then there's the issue of the CPU horsepower required to encrypt all those hundreds of gigs of data. And come to think of it, this system doesn't really have any way to test if the backup actually WORKS, other than by restoring it to the primary system and wiping out the original data. And you know what will happen if you restore a hosed backup over your live production system.

    1. Re:15 minutes?!? There's a catch. by Unknown+Relic · · Score: 1

      Where do you get that you don't have any way of testing that the backup works? That's flat out wrong. Amanda provides tools for browsing backups, performing partial restores and more.

      http://www.amanda.org/docs/amrecover.8.html

    2. Re:15 minutes?!? There's a catch. by gbjbaanb · · Score: 3, Interesting

      That depends - if you perform incremental backups then 15 minutes of more than feasible. Try BackupPc for a easy-to-use rsync solution with a web front end for restores. I'm not sure about the encrypted bit though, but it can copy over a SSH tunnel.

      Alternatively, try Mozy for 2 gig of free online encrypted backups with individual file restores. (yes, someone hosts it and they expect you to pay for more storage space, but its useful for your important stuff at least)

    3. Re:15 minutes?!? There's a catch. by jabuzz · · Score: 1

      Well you could have an encryption offload engine that goes at full tilt, and assuming you have something that will sink 10GbE at full speed for extended periods of time you could do it in a shade under 16 minutes. Thing is you will real *BIG* iron for it to take that amount of data in that short period of time. It will nicely fit on one DLT-S4 tape, but that only goes at 60MB/s, and even RAID0 hard disk system is not going to be that fast.

    4. Re:15 minutes?!? There's a catch. by sakusha · · Score: 1

      I checked the man page, there's a command "amverify" but it merely tests the backup dataset for internal consistency, it doesn't verify it against the original. This is a recipe for disaster. I can think of multiple scenarios where I could perform a backup that is internally consistent but will not work upon restoration. In fact, MOST of the backup systems I've ever seen have no method to truly test integrity other than a full restoration on a duplicate hardware system and then running a bitwise comparison between machines.

      The heartbreaking part is, most people only discover their backups are bad when they need to do a disaster recovery for the first time, and they discover their procedures have been wrong all along, and now they have no way to restore. Backups are trickier than most people suspect, there is no quickie 15 minute solution.

    5. Re:15 minutes?!? There's a catch. by jessicalandy · · Score: 1

      I think your right about testing the backups. It would be nice if it could run when I'm no using my systems, and make a working backup. I have had failed restores from all kinds of products and individual applications not working with future versions.. a nice dependable, encrypted, automatic backup would be nice to have though, although for many of us it may tak days to unencrpt and get a working verison going. If it were possible and set up with your os and main programs / docs on one drive with huge media files on another, it amy not take so long to get production back sans the huge media files.

  5. 15 minutes ? by B2382F29 · · Score: 5, Interesting

    Far too long. I just use rdiff-backup for easy incremental remote backups (Including ACL and extended attributes).

    I still don't know why it is so unknown...

    --
    Move Sig. For great justice.
    1. Re:15 minutes ? by hutman · · Score: 1

      same here - rdiff-backup is a complete no brainer for small scripted backups. Try Boxbackup as well - a little more work to set up, but it's got a native windows client that works well and is easy to manage for a larger install.

  6. I think this is dangerous advice.... by gweihir · · Score: 4, Insightful

    It seems to me that the 15 minuten setup guide does neither do nor stress the importance of comparing the backup to the original after it has been written. Comparison serves two purposes:

    a) Make sure your backup is readable
    b) Make sure your backup decrypts and is equal to the original data

    Especially b) is often not the case due to RAM errors and other problems. With encryption a single bit-error after encryption can make your whole file permanently unreadable. a) can be violated by a number of things, but when you need that backup, it is too late to find out.

    Never, ever do backup without full compare afterwards! From time to time do a full restoration to other hardware to be sure you know how to do it and that it works!

    Seems to me this is really worth only the 15 minutes you need to put into it. But it can give you a dangerou, false sense of having understood how to do good backups.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  7. rdiff-backup for the win! by Anonymous Coward · · Score: 2, Informative

    My favorite secure backup solution is rdiff-backup. It compiles and runs under window, linux or osx...
    All traffic is sent over ssh...
    It took 2 days to do first backup of my music collection...but subsequent runs only take 3-4 mins now (we are talking over 100 gigs)
    Another nice feature of rdiff-backup is that it uses diff's to store changes to files...so you have a current 'mirrored' copy of data...and then you can pull up old versions using its diff features....
    Of course it's a single command line tool...perfect for cron scripting, ect...

    Another testitment to its speed - I use it to backup some linux virtual servers home directories...it can complete about 300+ servers in 15-25 mins....joy!

    Enjoy! I know I have! =)

  8. DIsk-based backups by Fred+Nerk · · Score: 2, Informative

    Backups-to-disk are becoming much more popular, I suppose because disks are now so much cheaper than tapes, last longer (IMHO) and are much more reliable. I had a lot of trouble at a previous employer with backups to tape - mostly in the fact that I could *never* do a restore, because tapes would just lose stuff.

    So I wrote dbackup (shameless plug for an open-source system here) to be an extremely simple way to backup multiple filesystems on multiple servers to a central archive (in my case on a NetApp filer), which then did it's own tape archive thing which never worked.

    It's a couple of perl scripts, it's really really simple, and it takes minutes to set up.

    http://dparrish.com/dbackup/

    --
    Anything is possible, except skiing through revolving doors.
    1. Re:DIsk-based backups by keyan01 · · Score: 1

      Couldn't agree more about backup to disk, having worked for one of the largest backup software provider for a number of years I use backup to disk as well. But as most people fail to realize, and has been mentioned here as well backup is less than half the story, if you do not test / ensure you can restore your data then time and effort spent on the backup process is wasted. I use a offsite backup product from Rune Solutions, i.e. I wrote and use my own sofware.

  9. To everyone talking about incremental backups... by swordgeek · · Score: 1

    Let's just get something out of the way here.

    Incremental backups are not full backups.

    There, that wasn't so difficult, was it?

    Saying that you can finish your backups in 15 minutes because you're doing incrementals is almost entirely false. You can finish your incremental backups in 15 minutes. You can backup the delta of your data in 15 minutes, but not the data itself.
    Where's the difference? Trying to restore to yesterday with a two year old full and a series of differentials will take ages and increase your risk of failure enormously. Trying to restore with a two year old full and a cumulative incremental is basically using two complete data sets instead of one.

    Incrementals are a tool to be used alongside fulls. Synthetic fulls may be a way of avoiding actually backing up your entire data set, but it still takes time to spin tape (or disk), and is new technology.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  10. You *can* have your cake and eat it by Anonumous+Coward · · Score: 1
    cryptsetup -c <algo> -b <size> create sdXN /dev/sdXN
    mount /dev/mapper/sdXN /backups
    rsync -aR [-c] [-z] --delete -e ssh somehost:/dir /backups/somehost/current/
    cp -al /backups/somehost/current /backups/somehost/`date +%Y-%m-%d`
    There. Every backup is a full one, only changed data take space on the disk, and it's encrypted to boot. A simple croned script can do the job for you and also purge old backups after a set time and/or pattern and notify you if your disk is filling up.
  11. Re:Don't trust the compare by soundman32 · · Score: 1

    I used to work at a place that as part of the backup, the compare function was run. After 12 months of pestering I pursuaded the IT manager to actually try restoring the tape and guess what?... the tape wouldn't restore.

    In fact non of the tapes from the last 12 months would restore!

    After the drive was repaired things were checked a couple of times, then the compare function was relied upon again.

    I left a while later and AFAIK a restore has still not been tried.

    --
    No sharp objects, I'm a programmer!
  12. Honestly. Use Bacula by Colin+Smith · · Score: 1

    It has a number of benefits, in particular the windows client can also store permission information and open files:

    http://www.bacula.org/

    It can also do bare metal restores for some platforms.

    --
    Deleted
  13. Re:Don't trust the compare by gweihir · · Score: 1

    I used to work at a place that as part of the backup, the compare function was run. After 12 months of pestering I pursuaded the IT manager to actually try restoring the tape and guess what?... the tape wouldn't restore.

    That points to broken software. The ''compare'' might not even be a compare! It might be a checksum testing or the like. That is basically worthless.

    Personally I use GNU tar for backups and the compare has allways been reliable. However I do test restores every few months, just to be sure. It never ceases to amaze me how many people just use some sort of backup, but never make sure it really works. Seems that data is still not percieved as mission critical, although it usually is....

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.