This is a way to create an incremental automatic periodic backup of any folder located in a remote machine via SSH in a linux/unix machine. A pair of rsa keys are used for authentication with the remote server, rsync is used to copy the archives and cron to run the script periodically. All in all, it’s a fairly simple way to accomplish a full backup of a web server (or any server for that matter), specially when combined with a true incremental DB backup with rotation like the one described in this previous post.
1. The first thing to do is to get rsync working properly. This same command will be used later with crontab.
Run this in a terminal

rsync -avz -e ssh username@server:/var/www/FOLDER /home/local_username/backup

if you have ssh configured with a custom ssh port you can specify your port number like this:

rsync -avz -e ’ssh -p1234′ username@server:/var/www/FOLDER /home/local_username/backup

1234 beeing your port number

What this command does it to recursively transfer all files from the directory “/var/www/FOLDER” on the remote (server) machine into the “/home/loca_username/backup” directory on the local  machine.
The  files  are  transferred in “archive” mode, which ensures that symbolic links, devices, attributes,  permissions,  ownerships,  etc.  are preserved  in  the transfer.  Additionally, compression will be used to reduce the size of data portions of the transfer.

2. Now that you got the previous command working, you need to set up a way to log to the remote server without prompting for a password. To accomplish this we need to generate a pair of rsa keys with a blank password.
On the local machine type

ssh-keygen -t rsa

When it prompts you for a phasprasse just hit enter. This will generate a private and a public key in /home/username/.ssh/ named id_rsa and id_rsa.pub.

Note: If security is critical and you are paranoid, you should generate a pair of keys with a strong passphrase and use ssh-agent and ssh-add to remeber the passphrase during to whole session. This way you only need to enter the passphrase during startup and no security risks are taken.

3. Now we need to copy the id_rsa.pub contents into the authorized_keys file in the server. Please note, it is the content of the public key what needs to be copied, not the key file itself, although if you only have one public key to authorize coping and renaming the file will have the same result. One way to do this is using the cat command.

On the local machine run

cat .ssh/id_rsa.pub | ssh username@server ‘cat >> .ssh/authorized_keys’

it should prompt you for your password for the last time

note: if you have changed the default ssh port you should run this command instead

cat .ssh/id_rsa.pub | ssh -p1234 username@server ‘cat >> .ssh/authorized_keys’

now test it

ssh username@server

again, for custom ports use this instead:

ssh username@server -p1234

At this point you should be able to connect to your remote machine via SSH without any password prompts.

4. Ok! now let’s create a .sh script with the rsync command we tested in step one

in a text file type this

/usr/bin/rsync -avz -e ’ssh -p1234′ remote_username@server:/var/www/FOLDER /home/local_username/backups

OR, if you are using a custom port number

/usr/bin/rsync -avz -e ’ssh -p1234′ remote_username@server:/var/www/FOLDER /home/local_username/backups

save this file as sshbackup.sh, remember to give execution permissions to this file, otherwise it won’t work with cron.

5. Almost there, now we just have to add a job with crontab to run the script periodically.
In a terminal type

crontab -e

Note: Do not use sudo before this command as it is user specific. If this is the first time you use crontab it should prompt you to choose the default editor (ed, nano or vim tiny) I suggest nano.
A window will open, add this line:

00 16 * * * /path to file/sshbackup.sh

This line means that the script mysqlBackup.sh will run everyday at minute 00, hour 16 (4pm). Obviously you should replace “path to file” and “ftpbackup.sh” with your data… you can change the time and periodicity of execution by changing cron parameters:

*     *     *   *    *        command to be executed
-     -     -   -    -
|     |     |   |    |
|     |     |   |    +—– day of week (0 – 6) (Sunday=0)
|     |     |   +——- month (1 – 12)
|     |     +——— day of        month (1 – 31)
|     +———– hour (0 – 23)
+————- min (0 – 59)

now exit nano by pressing CTRL + X, it will ask you if you want to save, say yes and accept the name by default as it is only a temporary name and the data will be merged into the user’s cron schedule anyway.
That’s it, now you should have fully automated incremental ssh backup running daily at 4 pm. Remember to burn the transferred backup to external media at least once a month and send it to your grandma to keep safe, just in case both of your machines explode at the same time

Cheers!

The Fully automated remote SSH backup in ubuntu by Red Mezzanine, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial 3.0 Unported License.