Using Borg backup across SSH with sshkeys
Borgbackup is a fantastic piece of software. It's a free deduplicating archiver with compression and encryption, which reduces the amount of storage one needs to have to be able to keep backup archive for a very long term.
One of the great small things it can do is that it can run across the wire using ssh, authenticating with sshkeys. Sadly the documentation is not 100% correct, and it lack one bit of information for one to be able to get it to run.
The steps to get it working are:
Now it's possible to run borg:
Without BORG_RSH it is not possible to make it load the sshkey. The other option would be use ssh_agent, but that is cumbersome.
One of the great small things it can do is that it can run across the wire using ssh, authenticating with sshkeys. Sadly the documentation is not 100% correct, and it lack one bit of information for one to be able to get it to run.
The steps to get it working are:
- Follow the documentation to install borg
- Create a user on the destination server which will be the one who owns the repo.
- On the destination create the repo: borg init <path/repo name>
- On the source create an sshkey without passphrase (it is possible to do this with a passphrase - I just couldn't be bothered), and distribute the key to the destination server/user.
- Create a script which is use to setup a few environment variables which borg needs:
- BORG_PASSCOMMAND="cat <file containing the password for the repo>"
- BORG_RSH="ssh -i <path>/<private key>" <<== this was created in step 4).
Now it's possible to run borg:
# borg create --stats --compression zlib,5 ${REPOSITORY}::`hostname`-`date +%Y-%m-%d` \
/home/myuser \
/root
/etc
....
Without BORG_RSH it is not possible to make it load the sshkey. The other option would be use ssh_agent, but that is cumbersome.
Comments