When I travel for pleasure or business, my laptop (and Android phone)
are no longer on my local network, so BackupPC no longer is able to
see the devices and back them up.
One could use a VPN, but alternatively, I wrote some perl code that
can be inserted into the corresponding <host>.pl config.pl to backup
over an SSH tunnel on port <tunnel port> if the file
'.sshtunnel-<tunnelport>' exists in the corresponding
$TopDir/pc/<host> directory.
See the following code (and embedded notes).
---------------------------------------------------------------------------------------------------
my $jhost = $_[1]; #Note: $_[1] is the name of the file (as sourced by 'do')
my $SshUser = 'root';
my $SshPort = 22; #Port for sshd server on the remote machine (typically 22, or
2222 if non-priveleged)
$Conf{PingMaxMsec} = 400; #Necessary because otherwise get pings too slow
#Backup over SSH tunnel to allow backup of devices when they are not on local
network...
#Touch: TopDir/pc/<host>/.sshtunnel-<tunnelport> to enable backup over SSH
tunnel using port <tunnelport> (remember to DELETE when done!)
my ($TunnelPort) = map {/\.sshtunnel-([0-9]+)$/ ? $1 : (); }
</var/lib/backuppc/pc/$jhost/.*>;
if(defined $TunnelPort) { #If file containing TunnelPort exists in top level
host directory, then use it
#Rsync to localhost over SshPort = <tunnelport>
$SshPort = $TunnelPort;
$Conf{ClientNameAlias} = 'localhost';
#For backing-up/restoring remote host over port forwarded-reverse SSH
tunnel
#using <tunnelport> (e.g., when using over USB or remote internet)
# <BackupPC server>:<tunnelport> -> <remote host>:<Orig SshPort>
#From the remote host, ssh to BackupPC server using:
# -R <tunnelport>:localhost:<Orig SshPort>
#E.g., ssh -R <tunnelport>:localhost:22 -p 2222 <user>@<BackupPC server>
#Note: My windoze PuTTY app and android 'connectbot' app is configured to
automatically includes this port forward
#Alternatively, On BackupPC servers, ssh to remote host using:
# -L <tunnelport>:localhost:<Orig SshPort>
#E.g., ssh -L <tunnelport>:localhost:22 -p <Orig SshPort>
<SshUser>@<remote host>
#If you want to backup on server2 via server1, then you need to create a
double port forward
# server2:<tunnelport> -> server1:<tunnelport> -> <remote host>:<Orig
SshPort>
# From, the remote host, use a proxy Jump:
# ssh -R <tunnelport>:localhost:22 -J <user1>@server1:2222 <user2>@server2
# Alternatively, first create one of the first port forwards to connect
'server1' and the remote host.
# Then create an aiddiontal port forward to connect 'server2' and 'server1'
# Either, ssh from server1 to server2 as follows:
# ssh -R <tunnelport>:localhost:<tunnelport> server2
#Or ssh from server2 to machine1 as follows:
# sudo -u backuppc ssh -L <tunnelport>:localhost:<tunnelport> -l
backuppc-client machine1
#Then you can log into the remote host from machine2 using:
# sudo -u backuppc ssh -p <tunnelport> <remoteUser>@localhost -o
UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no
#Note Start from machine1, combine creating the machine1-machine2 port with
login from machine2 to remote host:
# ssh -t -R <tunnelport>:localhost:<tunnelport> machine2 "sudo -u
backuppc ssh -l backuppc-client -p <tunnelport> localhost -o
UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
#Alternative ping command - ssh to remote client over $SshPort =
<tunnelport> and ping itself (i.e. ping localhost)
#Linux/Android ping: 'ping -c 1'
$Conf{PingCmd} = "$Conf{SshPath} -q -x -p $SshPort -l $SshUser -o
UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost ping -c 1
localhost";
#Windows Cygwin ping: 'ping -n 1'
# $Conf{PingCmd} = "$Conf{SshPath} -q -x -p $SshPort -l $SshUser -o
UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no localhost ping -n 1
localhost";
#Note above needs double quotes since $sshPath for PingCmd is not set at
runtime
#Note: add options to ignore known_hosts and turn off StrictHostKeyChecking
since already running over a known ssh channel
# PLUS the known_hosts and keys will need to be added for every new
<tunnelport> used causing backuppc to wait and fail.
}
$Conf{RsyncSshArgs} = ['-e', "$Conf{SshPath} -p $SshPort -l $SshUser"];
#SshPort is typically 22 (or 2222 if non-privileged)
$Conf{RsyncSshArgs}->[1] .= " -o UserKnownHostsFile=/dev/null -o
StrictHostKeyChecking=no" if $TunnelPort;
#Note above needs double quotes since $sshPath for PingCmd is not set at runtime
#Note: add options to ignore known_hosts and turn off StrictHostKeyChecking
since already running over a known ssh channel
# PLUS the known_hosts and keys will need to be added for every new
<tunnelport> used causing backuppc to wait and fail.
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: https://github.com/backuppc/backuppc/wiki
Project: https://backuppc.github.io/backuppc/
