Rsync host setup

File Protection can use an rsync host as a backup destination. This allows you back up data across the internet to any rsync host server. The rsync host can be supplied by a 3rd party or you can set up your own rsync host server.

BackupAssist's implementation of rsync

BackupAssist implements rsync as a destination for File Protection backups. When you create the backup job, rsync is selected as a destination in the Destination step, and configured in the Set up destination step. This section explains how File Protection features apply to rsync and how BackupAssist works with rsync's features.

To learn how to make an rsync backups, see Rsync backups (NOTE: Rsync is no longer a supported feature)

Do-it-yourself rsync hosting

Any rsync Server such as an rsync-enabled NAS device, a Windows Server or a Unix machine can be used to store backups using rsync. The do-it-yourself approach has the advantage of keeping data in your control and a lack of monthly hosting fees.

Rsync servers can be one of two types:

  • Rsync over SSH (preferred) runs rsync via a secure shell (SSH, port 22) which means all traffic over the internet is encrypted. User access control is modified by editing user accounts on the server.
  • Daemon mode runs rsync as a normal TCP/IP service. User access control is modified by editing the rsync.conf file. Internet traffic is not encrypted. To learn more, review our online article Configuring BackupAssist for rsync without SSH, under the section, Altering the rsyncd.conf file.

Note: Windows and Linux data hosts support rsync over SSH. However, some NAS devices do not, and Daemon mode must be used instead. Daemon mode is still an acceptable solution provided a secured LAN/WAN (such as site-to-site VPN) is used.

How to set up a Windows rsync host

To set up a Windows machine to act as an rsync server, you will need to install both SSH and rsync on your Windows Server. We recommend CopSSH and cwRsyncServer. An installer for each can be found here under the Rsync tab, on our website.

Step 1 Install Rsync

To set up a Windows rsync host requires a Windows Server 2008 or later machine with network connectivity and space to store backup data.Windows Small Business Servers (SBS) should not be used as rsync hosts.

Step 2 Install CopSSH

Once rsync is installed you will need to install CopSSH. CopSSH is used to open the secure tunnel between the BA machine and the Rsync server

Step 3 Activate a user

If you are planning to use SSH, you must activate a user with CopSSH before you register a BackupAssist client with your rsync server

Note: You will need to enable SSH port 22 through firewall if it is being blocked.

Note: If you uninstall rsync, the Windows service users SvcCOPSSH and SvcCWRSYNC are not removed. If you then re-install rsync the Windows users cannot be recreated because the passwords will not match, so the COPSSH and rsync services will not start. The fix is to uninstall and remove the users manually then re-install and add the users again with known passwords.

How to set up a Linux rsync host

Most FreeBSD and Linux servers can be used to host backup data. BackupAssist has two requirements: that the data host has an SSH server and rsync installed. All major Linux distributions (such as Fedora, RedHat Enterprise, Ubuntu, Debian) have these two prerequisites available as install options. The most common SSH server is OpenSSH.

To determine if your system has the prerequisites installed, log into your system, start a shell and type:

man rsync – this should return the man page for rsync if installed. Type ‘q’ to exit the man page.
man sshd – this should return the man page for sshd if installed. Type ‘q’ to exit the man page.

You should use your distribution’s software package manager to install these packages, if they are not already installed. Most commonly they can be found under the Server or Security categories. The next step is to create logons on your data host. We recommend creating a separate logon for each client. For example, if you host data for 5 different companies, create 5 different accounts so that each company will only be able to see their own data. You should also make sure that each client’s home directories are on a partition that contains sufficient space to host their data.

You must also change the permissions on each user’s home directory, otherwise most SSH daemons will not allow you to connect to the server using the public/private key method (which BackupAssist uses). To do this, use the chmod command – for example for a user “fred”, type in the following (when logged on as root): chmod 700 /home/fred

Note: You can run rsync as a daemon on your Linux server. (For security reasons, we do not recommend this – use rsync over SSH instead.) If you choose to run rsync in daemon mode, you will not need to have the SSH service installed. For instructions on setting up BackupAssist to connect to an rsync daemon please view the How to set up a NAS rsync host section below.

How to set up a NAS rsync host

Backing up to an rsync-enabled NAS can be a very effective solution. The advantage of using a NAS is that, as an appliance, it can be close to a turnkey solution and easier to manage. Each NAS is different and some support rsync over SSH, whereas others only support rsync Daemon mode. There is however a list of requirements that must be met in order for BackupAssist to connect to the device.

To use your NAS as an rsync data host you will need:

  • A NAS that is running rsync as a daemon, or one that has rsync and an SSH service running.
  • Setup a share to act as a root directory for your rsync backups and allow read and write permissions to that directory.
  • If your NAS requires a password to connect to the rsync service, you will need BackupAssist to authenticate to it.
  • Your NAS will need to have the correct ports open for your rsync Daemon or SSH service (873 and 22 respectively).
  • Check that your firewall is not blocking the SSH port/s.

Many dedicated NAS devices offer built-in support for rsync. While this can be convenient to set up, many of these devices use low-powered processors which can result in reduced performance if you are backing up large files (several GB or larger in a single file). The options available with these devices vary, and you will need to consult the vendors manual when setting up the NAS destination.

NAS Vendors that support rsync include QNAP, drobo, NETGEAR and Synology.

BackupAssist rsync daemon mode

BackupAssist provides two options for running backups over an Rsync connection: Rsync over SSH and Rsync Daemon. Rsync over SSH runs Rsync via a secure shell (SSH, port 22), which means that all traffic over the internet is encrypted. User access control is modified by editing user accounts on the server. Daemon mode runs Rsync as a normal TCP/IP service and internet traffic is not encrypted. User access control is modified by editing the Rsync.conf file.

Both Windows and Linux data hosts support Rsync over SSH. However, some NAS devices do not, and where this is the case, Daemon mode must be used instead. Even though your data is not encrypted, Daemon mode is still an acceptable solution provided a secure LAN/WAN (such as site-to-site VPN) is used.

Troubleshooting

Below are three common rsync host setup errors and how to resolve them.

  • Test connection failed : Ensure that you are able to ping your rsync server from your BackupAssist server and that you have opened up the appropriate ports on your firewall. Make sure that the username can access the path you have specified.
  • SSH Connection Refused : Ensure that the services Openssh SSHD and RsyncServer are started on the data host machine (Administrative Tools > Services). Make sure your firewall is not blocking the attempt.
  • Register with server failed : Ensure that you have the correct username and password set up on your rsync server.