BackupPC Setup: Server
BackupPC Server Setup Manual
This manual will show how to set up a BackupPC server. Obviously this is only for the administrator with root privilege. "Server" is the computer that does the backup and keeps the backed up data.Pre-requisites
- Debian based Linux
- IP address
- List of folders you want backed up OR...
- List of folders you don't want backed up
- ~20 min of your time
1. Install Pre-Requisites
First, install the prerequisites. In your terminal, sudo apt-get update
sudo apt-get install ssh samba smbfs rsync apache2
sudo apt-get install php5
sudo apt-get install libapache2-mod-php5
sudo /etc/init.d/apache2 restart
To test that PHP and Apache2 were installed correctly, do the following:
sudo gedit /var/www/testphp.php
Add the following to this file and save it.
<?php phpinfo(); ?>
Then in a web browser, go to the following address (assuming you're on the local machine).
http://localhost/testphp.php
If you see some information about the server nicely organized, then everything is good.
2. Install BackupPC
To run BackupPC, it is recommended that there be a system user specifically for this program. We will create a user 'backuppc' for this. sudo useradd backuppc
sudo passwd backuppc
You will be prompted to make up a password for backuppc. It needs to be a good one.
Now let's install BackupPC
sudo apt-get install backuppc
It will automatically set up the user 'backuppc' for BackupPC and the password will also be automatically assigned. Write them down. You will need them to log in later.
For global configuration change, refer to the official site. For the most part, this is not needed. But if you want to change it later, it is easy to change it after everything is up and running.
The file to be modified is /etc/backuppc/config.pl and it is very well commented.
3. Generate SSH keys
We must generate SSH keys for accessing the clients (computers to be backed up). To do this, first become the user 'backuppc.' You will need the password for this system user (ie OS user, not BackupPC user). If you already have id_rsa and id_rsa.pub files, you can skip the ssh-keygen step. su backuppc
cd ~
ssh-keygen -t rsa
It will ask for where to store the file and passphrase. Do not enter anything and just keep pressing enter. Now let's make a copy of the public key for the clients.
cd /home/backuppc/.ssh
ls
The above is to make sure you have id_rsa & id_rsa.pub
cp id_rsa.pub BackupPC_id_rsa.pub
The private key file (id_rsa) is something that you must guard with your life! (ok i'm exaggerating) Let's make sure that it's non-readable by anyone else but the root user;
chown root:root id_rsa
chmod 600 id_rsa
Request the 'clientname_id_rsa.pub' files from the clients (clientname is the name of their computer on the network). Let's add the client public key to the known host list. If you have the file 'known_hosts' in /home/backuppc/.ssh, skip the first command.
touch /home/backuppc/.ssh/known_hosts
cat /home/backupppc/.ssh/clientname_id_rsa.pub >> \
/home/backuppc/.ssh/known_hosts
Let's make sure again that the permissions are set correctly.
chmod -R go-rwx /home/backuppc/.ssh
To test that the SSH is set up correctly to connect to the client,
ssh -l root client_host_name whoami
'root' would be the client's user name if they chose to back up only the user's home directory. 'client_host_name' is usually the IP address of the client.
If the result is 'root' or 'username', then everything is set up correctly. Unless the client has already appended BackupPC_id_rsa.pub to their authorized list, this does not work.
4. Set-Up for Individual Client
Once the above steps are done and you have received 'clientname.pl' from the client, do the following (clientname is the name of their computer). You must first become a user that has the sudoer privilege. I'm using vi, but you can use other text editors if you like (eg gedit, kate, etc).sudo vi /etc/backuppc/hosts
Add the following line (bolded) at the end of the file
host dhcp user moreUsers
... ... ... ...
clientname 0 username backuppc
I recommend that the clientname and the username be the same. This is the username for BackupPC. Make sure that the very last line in the file is a blank line.
IMPORTANT: Check the file 'clientname.pl' for syntax errors, and if it looks ok, place it in /etc/backuppc/.
Now you must set up a password for the client. 'username' is the same username placed in /etc/backuppc/hosts
sudo htpasswd /etc/backuppc/htpasswd username
This should be it for the server. You could login as 'backuppc' (this is the administrator account for BackupPC) at http://localhost/backppc/ and see if you can do a full backup on the client to test. Be sure to let the client know the username and password.
BackupPC Manual Start Page
Printer Friendly
March 30th, 2008 at 2:28 pm
Hello!
Nice article, but!
You spelled backuppc with 3 p’s.
Here:
cat /home/backupppc/.ssh/clientname_id_rsa.pub >> \
/home/backuppc/.ssh/known_hosts
June 11th, 2008 at 5:06 pm
Using Ubuntu Hardy server. Things go wrong for me at cd /home/backuppc/.ssh as this doesn’t exist. It appears to be at /var/lib/backuppc/.ssh
There is no known_hosts file anywhere that I can find and no response to logging in to backuppc remotely via http. BTW - BackupPC) at http://localhost/backppc/ - is the ‘u’ omitted?
Very frustrating.
August 23rd, 2008 at 6:32 am
Bob,
Try using “sudo adduser” instead of useradd. The former creates a home directory for the user (backuppc in this case).
You should be good to go after that. Then install. (By the way, when the setup is complete and you’ve exchanged all the keys, I like to use the “sudo chsh” command to set backuppc’s shell to /bin/false…)
October 20th, 2008 at 5:51 am
Very nice article.
I am a little confused though. I want to backup my own laptop onto an external drive, and so the server / client model is more than I need?
But then I seem to need to do parts of each tutorial?
January 28th, 2009 at 3:31 pm
It works fine (save for the absence of the /home/backuppc/.ssh thing for Hardy described above, easily fixed with the mkdir command) until I get to the stage of issuing the ssh -l root client_host_name whoami command, whereupon I get this error:
ssh: connect to host parlour port 22: Connection refused
I have fully followed the setup instructions for the client, and this error is therefore wholly inexplicable. I am using Ubuntu Hardy.
January 28th, 2009 at 7:15 pm
James,
Did you actually create a user named backuppc? If so, that home folder should have been there without making it. And if you didn’t make that user, some of the SSH commands I’ve posted may not work.
Also, have you installed the SSH package on the client machine?
sudo apt-get install sshTak
January 29th, 2009 at 1:03 am
Tak,
thank you very much for your very prompt reply
The problem seems to have been that I did not have SSH installed on either machine. Installing it on both, I now get this output:
ssh -l root parlour whoami
The authenticity of host ‘parlour (xxx.xxx.xxx.xxx)’ can’t be established.
RSA key fingerprint is [NUMBER REMOVED]
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘parlour,xxx.xxx.xxx.xxx’ (RSA) to the list of known hosts.
root
(I have stripped the actual key fingerprint and IP addresses from the above).
There was no home folder generated, but the user was created, I think, when I installed backuppc from a Debian package. Certainly, when I went to try to add the user, it reported that the user already existed.
January 29th, 2009 at 1:59 am
Tak,
alas, doing this does not seem to have enabled my backups to work. When I try to back up, I get:
full backup started for directory /home/robert
Running: /usr/bin/ssh -q -x -l root parlour /usr/bin/rsync –server –sender –numeric-ids –perms –owner –group -D –links –hard-links –times –block-size=2048 –recursive –ignore-times . /home/robert/
Xfer PIDs are now 28439
Got remote protocol 1881173838
Fatal error (bad version): No protocol specified
Sent include: /home
Sent include: /home/robert
Sent exclude: /*
Sent exclude: /home/*
Read EOF:
Tried again: got 0 bytes
fileListReceive() failed
Done: 0 files, 0 bytes
Got fatal error during xfer (fileListReceive failed)
Backup aborted (fileListReceive failed)
I think that the problem is related to the SSH authentication, but where am I going wrong?
January 29th, 2009 at 12:55 pm
Hmm, I found that I had put the ssh files in the wrong directory. I have corrected that (and also managed to backup my local machine), but now am having another difficulty: I get the following errors when I try to back up the remote computer:
full backup started for directory /home/robert
Running: /usr/bin/ssh -q -x -l root parlour /usr/bin/rsync –server –sender –numeric-ids –perms –owner –group -D –links –hard-links –times –block-size=2048 –recursive –ignore-times . /home/robert/
Xfer PIDs are now 7257
Read EOF: Connection reset by peer
Tried again: got 0 bytes
Done: 0 files, 0 bytes
Got fatal error during xfer (Unable to read 4 bytes)
Backup aborted (Unable to read 4 bytes)
Again, any help would be very much appreciated.
January 29th, 2009 at 1:02 pm
James,
Thanks for posting about the details of your problems. I think those postings make the site more interesting and informative.
I’m at work and don’t have much time to think about this issue, but it occurred to me that perhaps you don’t have rsync installed on the client machine? Also, are you getting the command from the backuppc web interface? Thanks.
Tak
January 29th, 2009 at 4:17 pm
Tak,
thank you for your reply
I do indeed have rsync installed - I have been using it successfully for years in a home-grown backup shell script!
As to the last point, I am not sure that I fully understand, but I am always running the backups from the web interface, so the command would come directly from there.
January 30th, 2009 at 7:22 am
James,
Can you make sure that these two things are typed correctly in your “client-user-name.pl” and that the file is /etc/backuppc on the server machine.
$Conf{XferMethod} = ‘rsync’;
$Conf{ClientNameAlias} = ‘xxx.xxx.xxx.xxx’;
January 31st, 2009 at 12:36 pm
Tak,
thank you for your help again. I found that the “ClientNameAlias” line was missing (I omitted it because I have a local DNS server built into my router, which uses the client name in any event), and added it just to be sure. I restarted backuppc and tried to run the backup again. However, I still got this error:
full backup started for directory /home/robert
Running: /usr/bin/ssh -q -x -l root 82.71.101.165 /usr/bin/rsync –server –sender –numeric-ids –perms –owner –group -D –links –hard-links –times –block-size=2048 –recursive –ignore-times . /home/robert/
Xfer PIDs are now 10873
Read EOF: Connection reset by peer
Tried again: got 0 bytes
Done: 0 files, 0 bytes
Got fatal error during xfer (Unable to read 4 bytes)
Backup aborted (Unable to read 4 bytes)
Any assistance would, as ever, be very much appreciated.
January 31st, 2009 at 2:39 pm
James,
Are your backup server and the client on the same LAN or separate?
It seems to me that your problem is connection (SSH) related and not Backuppc or its backend (like rsync).
In the $Conf{ClientNameAlias} = ‘xxx.xxx.xxx.xxx’; line, did you add your local IP address? eg 192.168.0.xxx?
February 1st, 2009 at 4:29 am
Tak,
thank you for your reply
Both computers are, indeed, on the same local network, although they do not use NAT: each has its own static public IP address. The firewalls are configured to allow all traffic from within my local IP range. So, the IP address that I used for the client “parlour” was the only IP address that that client has: its static public IP address.
February 4th, 2009 at 2:21 pm
Wow, what a great resource!
My clients are windows PC’s. My backups are working fine. However, I couldn’t get the ssh stuff to work. I get
ssh: connect to host port 22: Connection refused
This makes sense to me since there is no ssh server on my PC.
What is the ssh stuff used for? Is it OK to omit this step for windows PC?
February 4th, 2009 at 2:51 pm
Dave,
Yes you can skip. You just made me realize that there’s a bit of flaw in this tutorial. This page assumes that you’re dealing with Linux clients. But for Win clients, you can just skip the SSH step and you should be fine. SSH is how you connect to Linux clients.
James,
Sorry, I totally thought I had replied back to you already, but I didn’t. Have you tried this with the firewall turned off?
Tak
February 8th, 2009 at 4:42 am
Tak,
no, I haven’t tried it with the firewall off - do you think that this might be a firewall problem? As I said, it’s set to allow all traffic both up and downstream from and to all IPs on my local range.
July 22nd, 2009 at 10:00 am
How do you set up backuppc in the cron to archive nightly? I have read the documentation but do not get it.
February 16th, 2010 at 7:21 pm
In the “Install Pre-Requisites”, PHP is installed. I can see no references to BackupPC ever using PHP. Why should we install it?
We’re stuck on the client step where we’re to go to the server’s http://xxx.xxx.xxx.xxx/backuppc web app. We’ve not got any such web app installed. It appears that BackupPC’s web app is written in perl.