Logo

Encrypted distributed Backups via AES and FTP

While working on my diploma thesis I needed an easy way to backup the most important directories every evening. I decided to ask some friends whether they could give me an FTP account on their computer. Because it's painful, to tar and copy the latest files manually, I wrote a little script for that purpose. This script also copies the backup locally.
First there are some variables to define. They should be self-explaining.
NAME=backup`date +%Y%m%d`.tbz.aes
DIRTOBACKUP=/important

MOUNTPOINT=/mnt/some_backup_drive

USER='backupuser'
PASSWD='mostsecret'
HOST='ftp.backupservicestation.com'
REMOTEDIR=backup
Now it's time to create the backup.
tar cj $DIRTOBACKUP | aes -e -p my_top_secret_password -o $NAME
Spreading the backup locally.
echo copying to local
if mount | grep $MOUNTPOINT >/dev/null 2>&1
then
  cp $NAME $MOUNTPOINT
else
  echo $MOUNTPOINT not mounted
fi
Spreading the backup via ftp.
if ping -c 1 -w 2 $HOST >/dev/null 2>&1
then
  ftp -p -n $HOST <<SCRIPT
  user $USER $PASSWD
  binary
  cd $REMOTEDIR
  put $NAME
  quit
SCRIPT
else
  echo $HOST not online
fi
For those who are not familiar with here-documents: The <<KEYWORD means, that the following lines are fed via stdin to the most recent programm. This is done until the KEYWORD is read again. So it is important to type no spaces in front of the second SCRIPT. See
man bash
for more information about here-documents.
That's it. Pretty easy. Adjust the initial variables and be happy. Also, it should be very easy to extend this to multiple backup locations.
Because this script has to contain the passwords of your FTP accounts, don't forget to set appropriate permissions.
To restore a tbz.aes-file, it's sufficient to type
aes -d -p my_top_secret_password -f backup.tbz.aes | tar xj
For encryption I used the little aes utility that can be found here.