30
submitted 9 months ago by neosheo@discuss.tchncs.de to c/linux@lemmy.ml

I have 6 devices that i rsync to a central location to back them up. Ive been using ssh as the -e option. Problem is i use public key with passphrases, meaning to backup all six i need to go to each device and run the backup script. Since i typically backup /etc, /home, and /root this means entering sudo and the ssh passphrase 3x for each device.

I would much prefer a script that runs on back storage device that can pull the data from each device without having to use ssh (encryption is not necessary since all traffic is either local or going through a vpn connection).

I could then put this script in root's crontab or make it a systemd service running as root.

But i dont know how i can remote sync without ssh

you are viewing a single comment's thread
view the rest of the comments
[-] Nibodhika@lemmy.world 4 points 9 months ago

I love this answer because it's exactly what he's asking, but absolutely what he shouldn't do hahahaha.

Anyone wondering, go to a computer and type nc -lp PORT > file (Replacing PORT with the port you want to use), now go to a different computer and type nc IP PORT < FILE (Replacing IP and Port with the IP from the first machine and the PORT you ran on the command there, and FILE with a file you want to copy). Congratulations, you just copied a file from one machine to another without using SSH.

[-] solidgrue@lemmy.world 3 points 9 months ago

You can pipe tar through it too.

Receiver: nc -lp 12345 | tar xf -
Sender: tar cf - . | nc 192.168.0.123 12345

Also dd if you're moricated to image over the network.

I mean, he asked....

[-] matcha_addict@lemy.lol 1 points 9 months ago

What're the downsides? I'm sure it's very insecure. Is it faster?

[-] solidgrue@lemmy.world 4 points 9 months ago* (last edited 9 months ago)

Sends in the clear, no error checking, the nc command is promiscuous while its bound to the port. No crypto or compression to slow you down. Just a raw pipe of bytes

Its a bad idea, part of the forbidden codex known only to old, irreverent graybeards who know better but don't care anymore. There are better ways that are both more reliable and better practice.

You might want to look into using passwordless SSH keys within your script (see ssh -i) which isn't the most secure.practice on multiuser systems, but is Okayish in Devops and backups. Add other factors like aggressive allowed hosts settings on the receiver, and rotate the keys regularly.

this post was submitted on 04 Feb 2024
30 points (91.7% liked)

Linux

48210 readers
930 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS