[CentOS] Securely backing up Linux machines to NAS?

Sat Sep 12 02:50:09 UTC 2009
Ray Van Dolson <rayvd at bludgeon.org>

On Fri, Sep 11, 2009 at 10:42:19PM -0400, Scott Ehrlich wrote:
> I have been tasked with having a Buffalo Terastation Pro 2 NAS box,
> likely to be connected to a Linux box via samba, be the storage device
> to back up mostly Ubuntu and Centos systems.  The trick is, the
> machines to be backed up need to do so in an automated fashion and
> make a secure, encrypted connection to my Linux box hosting the NAS.
> The NAS does have SSL enabled for web admin access, though the same
> login credentials are used to authenticate the Linux host via samba to
> the NAS.
> 
> So what are the simplest options to back up the Linux hosts?   rsync
> does come to mind, but how to do so securely from each host?   I'd
> consider something via ssh, but that would mean an interactive login,
> and encrypting individual files on the hosts is not an option.
> 
> NFS is also available on the NAS, but considering the security
> concerns, I will not use that, nor do I want to enable any more
> services on the linux machines being backed up than necessary, meaning
> samba is not an option, unless it remains the ONLY one.
> 
> I ONLY plan to use samba to mount the NAS to my Linux server, unless
> someone comes up with a more secure method, or even away to negate the
> need of the Linux server and permit the hosts to back up directly to
> the NAS...
> 
> Ideas are welcome.

rsync+ssh (using key based auth) or some sort of private encrypted
backup network (perhaps via openvpn).

rsync+ssh probably simpler. :)

I would guess some of the backup software packages out there (bacula,
etc) will also do encryption.

Ray