Encrypted distributed Backups via AES and FTP
While working on my diploma thesis I needed an easy way to backup the most important directories every evening. I decided to ask some friends whether they could give me an FTP account on their computer. Because it's painful, to tar and copy the latest files manually, I wrote a little script for that purpose. This script also copies the backup locally.
First there are some variables to define. They should be self-explaining.
NAME=backup`date +%Y%m%d`.tbz.aes DIRTOBACKUP=/important MOUNTPOINT=/mnt/some_backup_drive USER='backupuser' PASSWD='mostsecret' HOST='ftp.backupservicestation.com' REMOTEDIR=backup
Now it's time to create the backup.
tar cj $DIRTOBACKUP | aes -e -p my_top_secret_password -o $NAME
Spreading the backup locally.
echo copying to local if mount | grep $MOUNTPOINT >/dev/null 2>&1 then cp $NAME $MOUNTPOINT else echo $MOUNTPOINT not mounted fi
Spreading the backup via ftp.
if ping -c 1 -w 2 $HOST >/dev/null 2>&1 then ftp -p -n $HOST <<SCRIPT user $USER $PASSWD binary cd $REMOTEDIR put $NAME quit SCRIPT else echo $HOST not online fi
For those who are not familiar with here-documents: The <<KEYWORD means, that the following lines are fed via stdin to the most recent programm. This is done until the KEYWORD is read again. So it is important to type no spaces in front of the second SCRIPT. See
man bashfor more information about here-documents.
That's it. Pretty easy. Adjust the initial variables and be happy. Also, it should be very easy to extend this to multiple backup locations.
Because this script has to contain the passwords of your FTP accounts, don't forget to set appropriate permissions.
To restore a tbz.aes-file, it's sufficient to type
aes -d -p my_top_secret_password -f backup.tbz.aes | tar xj
For encryption I used the little aes utility that can be found here.