[CentOS] Securely backing up Linux machines to NAS?

[Les Mikesell]

Scott Ehrlich wrote:
> I have been tasked with having a Buffalo Terastation Pro 2 NAS box,
> likely to be connected to a Linux box via samba, be the storage device
> to back up mostly Ubuntu and Centos systems.  The trick is, the
> machines to be backed up need to do so in an automated fashion and
> make a secure, encrypted connection to my Linux box hosting the NAS.
> The NAS does have SSL enabled for web admin access, though the same
> login credentials are used to authenticate the Linux host via samba to
> the NAS.
> 
> So what are the simplest options to back up the Linux hosts?   rsync
> does come to mind, but how to do so securely from each host?   I'd
> consider something via ssh, but that would mean an interactive login,
> and encrypting individual files on the hosts is not an option.
> 
> NFS is also available on the NAS, but considering the security
> concerns, I will not use that, nor do I want to enable any more
> services on the linux machines being backed up than necessary, meaning
> samba is not an option, unless it remains the ONLY one.
> 
> I ONLY plan to use samba to mount the NAS to my Linux server, unless
> someone comes up with a more secure method, or even away to negate the
> need of the Linux server and permit the hosts to back up directly to
> the NAS...

I always recommend looking at backuppc first for an online backup service 
because it gets almost everything right and has a simple web interface for 
configuration and acces.  It's not a real good fit for a NAS though.  You could 
probably make it work over NFS - and fix the security issue by connecting it 
directly to a 2nd NIC on the linux box and nothing else, but it would be much 
easier to just add some large drives either internally or via eSATA on the linux 
box itself.  It can't use samba-mounted storage for it's archive because it uses 
hard links to save space for duplicate files.

-- 
   Les Mikesell
    lesmikesell at gmail.com