LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-18-2017, 07:12 PM   #1
johnb0647
LQ Newbie
 
Registered: Oct 2016
Posts: 3

Rep: Reputation: 0
SSH connect: 2 way with RSA keys???


I live in the Philippines where the power system is primitive and sensitive to the frequent lightening storms. Last month in one evening I had 3 computers knocked out. All three had the power supply knocked out, one had a fried motherboard and one had fried HDD and RAM. This is the second time in 10 years this happened.

I'd like to set up an automated system (cron) that will back up the HOME and DOCUMENT directories of two computers to each other. This is not to hop back and forth daily but the idea is that when/if one is knocked out, it's user can log into the other and pick up where they left off. When the damaged computer is repaired they "reverse mirror" their HOME back one time and all is back to normal.

So there will be a one-way mirror daily and a reverse mirror when needed.

SSH together with FreeFileSync seems like the answer but I'm not sure how to set up the SSH connections so they will go either way from a script, i.e. using RSA keys so my wife and 10 y.o. daughter won't have to mess with CLI commands.

I tried following a tutorial to set up a client/server pair (A -> B). It worked fine one way but won't work in the other direction. I then tried duplicating the client/server install the other way (B -> A) but that doesn't work.

What's the best way to do this?

All computers have more or less the same hardware and run LinuxMint 18.2.

TIA
 
Old 08-19-2017, 10:16 AM   #2
/dev/random
Member
 
Registered: Aug 2012
Location: Ontario, Canada
Distribution: Slackware 14.2, LFS-current, NetBSD 6.1.3, OpenIndiana
Posts: 319

Rep: Reputation: 112Reputation: 112
Why not just use rsync to sync the data on the backup host then manually sync it back from a failed computer later?
 
Old 08-19-2017, 10:53 AM   #3
Rickkkk
Senior Member
 
Registered: Dec 2014
Location: Montreal, Quebec and Dartmouth, Nova Scotia CANADA
Distribution: Arch
Posts: 1,253

Rep: Reputation: 467Reputation: 467Reputation: 467Reputation: 467Reputation: 467
Hi johnb0647,

Welcome to LQ.

If you are looking for an alternative to rsync (mentioned /dev/random's above post), these 2 solutions might interest you:

- CrashPlan: commercial GUI app that is free to use if backing up / synching between computers. They charge if you use their online solution.

- BeyondCompare: commercial GUI app that can be used for free for a generous number of months to try out. Lets you backup / sync / mirror in all sorts of ways.

There are others ...

Cheers !

Last edited by Rickkkk; 08-19-2017 at 07:32 PM.
 
Old 08-19-2017, 02:20 PM   #4
toothandnail
Member
 
Registered: Apr 2007
Location: Oxfordshire, UK
Distribution: Arch, Sparky, Salix64
Posts: 117

Rep: Reputation: 23
I've never used FreeFileSync, so I can't comment on it. Setting up key pairs for is reasonably simple though...

Use ssh-keygen to generate keys on each of the machines. If you're going to be using the keys in scripts, they need to be without passwords. Whatever user you use to generate the keys needs to have sufficient access to be able to access the files you want to mirror.

Once the keys have been generated, you can use ssh-copy-id to copy the public key from each machine to the other machine. Or else you can copy the id_rsa.pub to something like a flash drive, and use cat to copy the key contents. Command looks like this:

Code:
cat id_rsa.pub >> /home/username/.ssh/authorized_keys
you will (naturally) have to substitute the correct user name for "username" above...

Once that has been done on both machines, you should be able to ssh from one to the other without needing to enter a password.

I use ssh and rsync to backup one machine to another:

Code:
rsync -az --modify-window=2 --stats paul@deneb:/home/paul/Documents/ /home/david/paul-backup/
That synchronises files between two machines, but does not delete copies of files that no longer exist on the source machine. Depending on how your network is set up, you may need to use IP addresses rather than machine names - in my case, I have dnsmasq providing good local DNS, so I can use machine names.

Paul.
 
Old 08-19-2017, 06:15 PM   #5
jlinkels
LQ Guru
 
Registered: Oct 2003
Location: Bonaire, Leeuwarden
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,194

Rep: Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040
I assume both machines are trusted and both machines will use the same user for backing up.

Generate a key-pair using ssh-keygen. This will create two keys:
private, secret: id_rsa
public, non-secret: id_rsa.pub

Put the public key in remote.host.ip:/home/yourname/.ssh/id_rsa.pub and in that directory:
cat id_rsa.pub >> autorized_keys.

The private key you put in local.host.ip:/home/yourname/.ssh/id_rsa

Not you can connect passwordless from local to remote.

To mirror that setup, put your id_rsa also in the .ssh directory of the remote computer. Add the public key to authorized_keys on the local computer. It will also work the other way around.

In addition, if you only want to set up authorization on one side, you can use rsync to push a copy to the remote computer. And also use rsync to pull a copy of the remote computer.

Rsync, scp and ssh all use the same key authentication mechanism. So you can test with ssh. If it works, so will rsync.

The next problem is that if the computers are connected thru ethernet cable, a lighting strike on one can damage the other. I have seen this happen on my network. The ethernet connectors had black burn marks. And most computers were gone. Wireless might be an option.

jlinkels
 
Old 08-20-2017, 12:05 AM   #6
Turbocapitalist
LQ Guru
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 5,612
Blog Entries: 3

Rep: Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859Reputation: 2859
Though I haven't tried unison myself, it does sound like it might work between just two computers:

It should be in your distro's repository. Otherwise rsync has a --update option to skip files that are newer on the destination than on the source.
 
Old 08-21-2017, 10:05 PM   #7
johnb0647
LQ Newbie
 
Registered: Oct 2016
Posts: 3

Original Poster
Rep: Reputation: 0
to: jlinkels

I also saw the fried connectors (and chips and caps) on the ethernet connectors, wideband modem and router the first time this happened. As you said.... I immediately went to WiFi for every connection I could. I even bought an extra pair of wireless AP's to make a connection between the wideband modem and the router/system_AP.

I disconnect the internet cable when the weather is obvious too.

I even bought a sack of 50 large MOV's (the main component in surge protectors) and followed a DIY plan I found on the net to put 25 in parallel to protect my main electrical connection coming in. Unfortunately, this last time got past all that. Must have just been massive induction from a very close flash.

Thanks for the help.
 
Old 08-23-2017, 01:54 AM   #8
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009
I place a full-inversion UPS between the mains supply and the equipment. Lightning won't go through that. It's total protection. If the power-level drops too far or rises too high, the circuit to the mains is cut, and the data-processing system runs on inverted battery power. If you can obtain one I highly recommend it.

They're not too expensive. But they're heavy. So shipping can be expensive.
 
Old 09-06-2017, 06:03 PM   #9
johnb0647
LQ Newbie
 
Registered: Oct 2016
Posts: 3

Original Poster
Rep: Reputation: 0
I like "AwesomeMachine"'s suggestion BUT..... the Philippines has single leg, 240 volt to ground power which makes it difficult to find imported devices such as UPS that can live with that. UPS devices ARE available here but PH is strictly price driven so the available units are very low price and quality and seldom last very long. They are usually "no brand name" Chinese companies that change their names every year or so and never offer any support. I know a computer shop here that has a nice little sideline recycling bricked UPS devices.

Part of the problem is very dirty power with 4000 volt spikes at the wall sockets every few seconds, 24/7. They only last a few microseconds and so don't bother analog equipment but anything silicon eventually breaks down.

Still... things are constantly changing and I haven't looked at what's new for a year or two so I'll take your valuable advice and check around.

Thanks
 
Old 09-06-2017, 07:31 PM   #10
jlinkels
LQ Guru
 
Registered: Oct 2003
Location: Bonaire, Leeuwarden
Distribution: Debian /Jessie/Stretch/Sid, Linux Mint DE
Posts: 5,194

Rep: Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040Reputation: 1040
An alternative is a solar UPS running from batteries. Chinese made as well, but I run quite a few of them and they are surprisingly reliable. Sine wave. The batteries can be charged with an ordinary low-cost battery charger. Analog in your terms. Use a low-power charger which is able to just keep your batteries charged given your normal use.

You can also use a high tech charger which charges faster and then maintains the charge once the batteries are full. But such a charger is more likely to die during a thunderstorm. Not sure if they can handle the microsecond spikes.

jlinkels
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SSH RSA keys location 10110111 Linux - Software 1 09-13-2011 05:38 PM
SSH Connection Closed only when RSA Keys are present Sburk Linux - Software 3 06-07-2007 02:09 PM
SSH Private RSA keys keysorsoze Linux - Security 4 11-22-2006 10:44 PM
SSH Forcing users to use RSA keys XaViaR Linux - Security 8 07-07-2005 12:42 AM
RSA Keys for SSH XaViaR Linux - General 4 07-02-2005 09:15 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration