rsbackup-cs (client-server) is a set of Perl scripts which use rsync to back up client machines to a remote server. The system was set to maximize security on the client, allowing no additional penetration vectors for the backup server. As Robert Heinlein stated, “Put all your eggs in one basket, and watch that basket.”
rsbackup’s server component never initiates a connection. Client initiates encrypted (ssh) connection with server, which verifies the following before allowing communication:
- public key of the client
- client name
- machine name
- ip address of client
- time of day
- command must be one of
- prepare – server executes a pre-defined set of actions for that particular client, ie creating a new delta of the backup store.
- rsync – verified for correct target, then allowed to execute. Only certain parameters are allowed in the rsync command.
- cleanup – server executes a pre-defined set of actions for that particular client, ie rotating off old deltas of backups
rsbackup-cs has two modes; client/server and peer-to-peer.
- client-server – a server is set up to allow one or more clients to connect, with additional security, customizable for each client.
- peer-to-peer – designed to replicate one server to a backup machine. Security is lower as it is assumed the backup server will provide its own security, giving the administrator the ability to give access to the backup machine in case of failure of the master server.
Once a backup is completed (usually via a cron job), a report is sent via e-mail. This report contains a summary of the backup, plus the output of the initialization, rsync and cleanup scripts. Since the output can become very large, rsbackup-client first attempts to compress it using gzip.
rsbackup server and client have both been tested on Linux (Devuan, Debian, CentOS) and FreeBSD.
The rsbackup client can be configured to grab data from a group of local machines using rsync, or samba/nfs mounts, then store the data locally for a local backup. After this is accomplished, the client can then sync the information to a remote server. For local only backups, there are various other tools which perform the task more efficiently.
rsbackup-cs has no installer, and documentation is fairly limited, though it has been running on systems for well since about the year 2000. It may be downloaded via subversion from