How to use Rsync with backup user?


#1

Hello everyone,

We now have RSSH access to the backup user accounts and I understand that this allows us to use RSYNC.

But, I have not been able to get this to work. I have a Centos 4.5 Linux server that I would like to have a cron job perform nightly backups. I can do this with rsync between servers but I cannot get this to work with the Dreamhost backup server.

Does anyone have a backup script using rsync that you would be willing to share?

Your help would be very much appreciated.

Thank you in advance,

Kevin


#2

This is great news! I just tried it with my usual syntax and it works.

From OSX:
rsync -avze ssh --delete ‘BACKUPSUSER@backup.dreamhost.com:’ ‘/tmp/save’

Next, I’ll see if it can save my SSH public key to make it passwordless.

-Scott


#3

Glad its working for you.

When I try your exact command (corrected for my user) from my Centos 4.5 server I get:

[quote]rsync -navze ssh --delete /root user@backup.dreamhost.com:
user@backup.dreamhost.com’s password:
[/quote]

insecure -e option not allowed.
This account is restricted by rssh.
Allowed commands: scp sftp rsync
If you believe this is in error, please contact your system administrator.
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(635) [sender=3.0.2]

Anyone have any ideas?

Thanks,

Kevin


#4

BTW … from your command it looks like you are copying from “backup.dreamhost.com” to “/tmp/save”.

I would think you would want to do the opposite for backing up.

Kevin


#5

Correct, but that was my quick and dirty test. I’ve not actually backed anything up because rsync wasn’t available yet. Now I’ll look into using it properly.

When you say you can rsync between servers, does that mean between one of your FTP users and the Backups user? I don’t know why it thinks -e is insecure. What version of SSH are you using? I’m running OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006

Does the -v (verbose) flag shed any additional light?

-Scott


#6

Thanks for the reply.

I am backing up a Centos 4.5 server to a Centos 4.5 backup server via rsync on the LAN and have one installation were I am backing up a Centos 4.5 server to a Centos 4.5 offsite backup server via rsync over the internet. Works great!

On all computers I am using:

openssh-server.i386 3.9p1-11.el4_7
openssh.i386 3.9p1-11.el4_7
openssh-clients.i386 3.9p1-11.el4_7
rssh.i386 2.3.2-1.2.0.el4
openssl.i686 0.9.7a-43.17.el4_6.1

So I’m running version 3.9. On my Centos 5 test server the latest is version 4.3.

The OpenSSH version on the “bonanno” web server is 4.3.

AND THAT IS IT!!!

On my test server I can get in. Damn … I’m not ready to upgrade yet.

Thanks for leading down the path of enlightenment.

Kevin


#7

Hi Kevin, this is a bug between rsync server version 2.6.x and rsync client >= 3.0.
To solve this, add --protocol=29 and it’s done.
:slight_smile:
https://bugzilla.samba.org/show_bug.cgi?id=5607


#8

I’m trying to do the same thing. They’ve moved me twice without notification from backup3.dreamhost.com to backup4.dreamhost.com and now to backup.dreamhost.com, which seems to be running very slowly.

Takes about 30 seconds to even establish a connection… even slower trying to send files.

I hope they get this resolved shortly.


#9

No joy here.

I tried:

“rsync --protocol=29 -vvvvn @backup.dreamhost.com:”

And still got:

cmd= machine=backup.dreamhost.com user= path=
cmd[0]=ssh cmd[1]=-l cmd[2]= cmd[3]=backup.dreamhost.com cmd[4]=rsync cmd[5]=–server cmd[6]=–sender cmd[7]=-vvvvnde. cmd[8]=. cmd[9]=
opening connection using: ssh -l backup.dreamhost.com rsync --server --sender -vvvvnde. .
note: iconv_open(“ISO-8859-1”, “ISO-8859-1”) succeeded.
@backup.dreamhost.com’s password:
insecure -e option not allowed.
This account is restricted by rssh.
Allowed commands: scp sftp rsync
If you believe this is in error, please contact your system administrator.
rsync: connection unexpectedly closed (0 bytes received so far) [receiver]
_exit_cleanup(code=12, file=io.c, line=635): entered
rsync error: error in rsync protocol data stream (code 12) at io.c(635) [receiver=3.0.2]
_exit_cleanup(code=12, file=io.c, line=635): about to call exit(12)

Am I doing something wrong?

Thanks again,

Kevin


#10

I got it!!!

I had to update rsync from 3.0.2 to 3.0.4 to get “–protocol=29” to work!

Now if I can just figure out how to stop it from prompting me for a password every time.


#11

Create ssh keys :slight_smile:
http://blogs.translucentcode.org/mick/archives/000230.html
The trick is:

On a temp dir, put the public key and the authorized_keys file and, using sftp, create a .ssh dir and upload both files to .ssh.
On the option -e, use “ssh -i ~/.ssh/”

Good luck!


#12

I’ve got a related problem I think.

When using DeltaCopy (rsync for Windows), sftp or even scp I keep getting a timeout.

Using WinSCP 4.1.7 for example, I can get so far as being asked for a password… then it hangs until it times out.

Log is:

. 2008-11-05 22:17:30.697 Looking up host “backup.dreamhost.com
. 2008-11-05 22:17:30.697 Connecting to 205.196.216.115 port 22
. 2008-11-05 22:17:31.181 Server version: SSH-2.0-OpenSSH_4.3p2 Debian-9etch3
. 2008-11-05 22:17:31.181 We claim version: SSH-2.0-WinSCP_release_4.1.7
. 2008-11-05 22:17:31.181 SSPI: acquired credentials for: xxx@xxx
. 2008-11-05 22:17:31.181 Constructed service principal name ‘host/backup.dreamhost.com’
. 2008-11-05 22:17:31.181 GSSKEX disabled: No credentials are available in the security package

. 2008-11-05 22:17:31.181 Using SSH protocol version 2
. 2008-11-05 22:17:31.462 Doing Diffie-Hellman group exchange
. 2008-11-05 22:17:32.242 Doing Diffie-Hellman key exchange with hash SHA-1
. 2008-11-05 22:17:32.850 Host key fingerprint is:
. 2008-11-05 22:17:32.850 ssh-rsa 2048 0e:c2:f6:f4:d9:86:9d:4b:c4:3d:77:e7:a4:bb:59:14
. 2008-11-05 22:17:32.850 Initialised AES-256 SDCTR client->server encryption
. 2008-11-05 22:17:32.850 Initialised HMAC-SHA1 client->server MAC algorithm
. 2008-11-05 22:17:32.850 Initialised AES-256 SDCTR server->client encryption
. 2008-11-05 22:17:32.850 Initialised HMAC-SHA1 server->client MAC algorithm
! 2008-11-05 22:17:34.301 Using username “username”.
. 2008-11-05 22:17:35.050 Prompt (6, SSH password, , &Password: )
. 2008-11-05 22:17:39.574 Sent password
. 2008-11-05 22:17:54.581 Waiting for data timed out, asking user what to do.
. 2008-11-05 22:17:54.581 Asking user:
. 2008-11-05 22:17:54.581 Host has not answered for 15 seconds.
. 2008-11-05 22:17:54.581
. 2008-11-05 22:17:54.581 Wait for another 15 seconds? ()
. 2008-11-05 22:19:31.378 Data has arrived, closing query to user.
. 2008-11-05 22:19:31.378 Server unexpectedly closed network connection

  • 2008-11-05 22:19:31.410 (ESshFatal) Server unexpectedly closed network connection.
  • 2008-11-05 22:19:31.410 Authentication log (see session log for details):
  • 2008-11-05 22:19:31.410 Using username “username”.
  • 2008-11-05 22:19:31.410
  • 2008-11-05 22:19:31.410 Authentication failed.

Any help would be appreciated.


#13

This may be an issue on their end. 12 hours ago I was not able to log into backup.dreamhost.com at all. I have not tried since.

BTW would you mind sharing you Deltacopy setup with me. I would like to try this and replace SFTP on Windows.


#14

The --protocol=29 did the trick for me too. Thanks!

Click here or enter [color=#CC0000]FREEDOM3[/color] for $50 off and 3 free domains!


#15

I am trying to use backup.dreamhost.com, but I am having a different problem. I think that my home directory wasn’t created properly when by backup user was created.

If I sftp to backup.dreamhost.com, my working directory after login is “/”.

If I do cd /home/MY_BACKUP_USER/, I get the message “Couldn’t canonicalise: No such file or directory”

Can anyone else access their home directory using sftp?


#16

Haven’t got that far with DeltaCopy yet, as can’t even log in.

Will let you know once I can get in.


#17

Worked for me:

sftp <my_user_name>@backup.dreamhost.com Connecting to backup.dreamhost.com... <my_user_name>@backup.dreamhost.com's password: sftp> pwd Remote working directory: /vol/raid2965/1/<my_user_name> sftp> cd /home/<my_user_name> sftp> pwd Remote working directory: /vol/raid2965/1/<my_user_name> sftp>


#18

What speeds are people getting? Looks like it’s capped to around ~46kB/sec upload for me, download doesn’t seem affected.


#19

Thanks darose. I have opened a support ticket with dreamhost.


#20

I was getting 40-some kB/sec also, but that’s about what my cable is capped at anyways. Most residential lines are limited to 256-512kb/sec (32-64kB/sec) for upload. Mine is 384kpbs (48kBps), which is exactly what I’m getting to dreamhost.

But I don’t like saturating my upload speed, so I’m now using rsync to cap it at 15KB/sec using “–bwlimit=15”.

Justin

Click here or enter [color=#CC0000]FREEDOM3[/color] for $50 off and 3 free domains!