Remote encrypted backup with duplicity

May 02, 2007 [Tech]

My father-in-law's hard drive died the other day and I was just able to recover the data using Knoppix and my iRiver. Since I recently discovered a superb program that lets me create encrypted backups on a remote server over ssh, I thought I'd spread the word. The program is called Duplicity and it is simplicity itself to use. Here is my remote backup script:

#!/bin/bash
# Copy this to /etc/cron.weekly and make it executable and owned by root # Back up my most important stuff from the local machine to a remote # server, encrypted with a passphrase function run_duplicity { echo Backing up '$1' ... PASSPHRASE=`cat /root/.blah/passphrase` duplicity $1 \ scp://user@example.com//home/example/bkp$1 } run_duplicity /var/lib/mysql/dbtobackup run_duplicity /home/andy/Maildir

I have one "run_duplicity" line for each directory I want to back up securely. I have my passphrase in a file only reeadable by root in /root/.blah/passphrase, and you either have to type your ssh password each time you run the script, or you can set up a key to let you log in automatically using ssh-keygen.