Off-site backup server

ggadrian

I just contracted a dedicated server to make backups of important files. The server specs are the following:

- Intel Atom 1.6+ GHz 1C/2T
- 2GB RAM
- 500GB HDD
- 100Mbps
- Unlimited transfer
- CentOS

I have a server that holds the files of a small office, and the other computers access the files stored on the server. This server does daily local backups and we put them every week on an external hard drive.

So I want this CentOS server to back up the files of the office server. If possible, I'd like to have version control.

The files must be encrypted, given that there's a lot of confidential customer information. I will want to have secure transfers between the servers, VPN maybe?

So, how should I configure this? Is there any possibility to only use cheap <50$ or free software?

Thank you in advance.
 

thecoolnessrune

Two points I want to get out of the way before I make any sort of recommendations:

1: Do you have to adhere to any data processes such as FIPS? If you do, you should be extremely familiar with these practices before deploying an offsite datastore method that hosts sensitive customer data. And if you aren't, shouldn't you be?

2: If having to adhere to any of the above standards, I sincerely doubt you're going to get anything for less than $50.

Anyways, if I had personal backups that I wanted to keep offsite on a dedicated server (no way I would store sensitive customer data on it), I would download CrashPlan on each server. It is free to back up to other computers. I'd create a private 448-bit key for the local backups, and then set up a sync between the local and off-site systems. Done and done. Data backs up between both sites in secure fashion.

That being said, the account is vulnerable if they figured out the credentials, but they would need your CrashPlan account AND your 448-bit key. Still, if there's any sort of customer sensitivity, you really should be looking into a proper, professional service with the credentials to match. Things like the big boys (Dakota Backup, Asigra, Access, and Iron Mountain).
 

skyking

> Two points I want to get out of the way before I make any sort of recommendations:
>
> 1: Do you have to adhere to any data processes such as FIPS? If you do, you should be extremely familiar with these practices before deploying an offsite datastore method that hosts sensitive customer data. And if you aren't, shouldn't you be?
>
> 2: If having to adhere to any of the above standards, I sincerely doubt you're going to get anything for less than $50.
>
> Anyways, if I had personal backups that I wanted to keep offsite on a dedicated server (no way I would store sensitive customer data on it), I would download CrashPlan on each server. It is free to back up to other computers. I'd create a private 448-bit key for the local backups, and then set up a sync between the local and off-site systems. Done and done. Data backs up between both sites in secure fashion.
>
> That being said, the account is vulnerable if they figured out the credentials, but they would need your CrashPlan account AND your 448-bit key. Still, if there's any sort of customer sensitivity, you really should be looking into a proper, professional service with the credentials to match. Things like the big boys (Dakota Backup, Asigra, Access, and Iron Mountain).

What about using SFTP/SSH2 with public/private key pair authentication?
Just wondering where that fits in to your idea of 'secure'.
 

ggadrian

> Two points I want to get out of the way before I make any sort of recommendations:
>
> 1: Do you have to adhere to any data processes such as FIPS? If you do, you should be extremely familiar with these practices before deploying an offsite datastore method that hosts sensitive customer data. And if you aren't, shouldn't you be?
>
> 2: If having to adhere to any of the above standards, I sincerely doubt you're going to get anything for less than $50.
>
> Anyways, if I had personal backups that I wanted to keep offsite on a dedicated server (no way I would store sensitive customer data on it), I would download CrashPlan on each server. It is free to back up to other computers. I'd create a private 448-bit key for the local backups, and then set up a sync between the local and off-site systems. Done and done. Data backs up between both sites in secure fashion.
>
> That being said, the account is vulnerable if they figured out the credentials, but they would need your CrashPlan account AND your 448-bit key. Still, if there's any sort of customer sensitivity, you really should be looking into a proper, professional service with the credentials to match. Things like the big boys (Dakota Backup, Asigra, Access, and Iron Mountain).

Well, I suppose that FIPS is something like the LOPD, which is the regulation I have to follow (I'm from Spain).

The regulation asks me to have regular off-site copies and that everything that goes out of the office has to be encrypted. It doesn't specify the level of encryption or any other practice to protect the data, so I suppose that I wouldn't be liable in any case as long as I have encrypted backups.

The customer data is confidential, but in case it goes to the wrong hands it's not really dangerous, since there's no financial data or something like that.

So, maybe a VPN between the two servers with version control and encrypted data on the offsite server? Which software would I need?

If that's not possible or not safe enough, encrypted backups on the local server that automatically go to the offsite server? Should I use a VPN for that too? Do I need something other than CrashPlan?

Thank you.
 

ggadrian

What about Git? Is it safe? If not, is there any way to make it safe?

And Subversion?
 

tomt4535

Another vote for CrashPlan. It's really simple to set up and does exactly what you want. The files and communication are encrypted for you and it keeps track of the versions.
 

thecoolnessrune

> What about using SFTP/SSH2 with public/private key pair authentication?
> Just wondering where that fits in to your idea of 'secure'.

Because if you're already using a VPN like you're supposed to, and that is the only target on the other side of the VPN, then it would be incredibly redundant and unoptimal to additionally route it through an SFTP tunnel.

The OP was already pretty set on using a VPN, so I didn't bother to mention it :)

By the way, where is your mentioning of RSA two-factor authentication on each side?

Just wondering where that fits in to your idea of 'secure'. ;)
 

ggadrian

I've been studying the CrashPlan option and it looks pretty good, but the free app only supports 128-bit encryption, and that's kind of a deal breaker. Can I do something additional to improve the security of the files in the server?

If I can't have something more secure than 128-bit encryption (which, btw, should be enough to follow the current regulations) I'll need something different.

I've been looking at Bacula, but it looks really complicated. Does anyone have any experience with it?
 

kevnich2

For the advantages of CrashPlan - why don't you just pay the monthly/yearly fee for the service? Their prices are better than most I've seen and have a very solid product with excellent security and encryption. Since you are planning on using this for business, you should be paying to use it.
 

ggadrian

> For the advantages of CrashPlan - why don't you just pay the monthly/yearly fee for the service? Their prices are better than most I've seen and have a very solid product with excellent security and encryption. Since you are planning on using this for business, you should be paying to use it.

Well, it's really cheap, but it's not my business and they don't want to pay monthly.

I have no problem in buying a license (as long as it has a reasonable price), in fact we have a license of EaseUS Workstation for doing local backups.

So, any other option?
 

thecoolnessrune

If they don't want to pay monthly, there is a yearly price. The price is even cheaper through paying by the year.

I cannot think of a single backup source where you only pay once. Why would any company with a paid service, that is letting you back up only-increasing amounts of data to them, do so for a one-time fee?
 

ggadrian

> If they don't want to pay monthly, there is a yearly price. The price is even cheaper through paying by the year.
>
> I cannot think of a single backup source where you only pay once. Why would any company with a paid service, that is letting you back up only-increasing amounts of data to them, do so for a one-time fee?

No no, I'm planning to back up to my own server. I don't need CrashPlan cloud service.
 

imagoon

You might have better luck asking a mod to move this to the Linux forum. Your request really doesn't have anything to do with networking other than the fact that it uses a network. You are looking for Linux application information which this is really the wrong forum for.
 

ggadrian

> You might have better luck asking a mod to move this to the Linux forum. Your request really doesn't have anything to do with networking other than the fact that it uses a network. You are looking for Linux application information which this is really the wrong forum for.

I saw similar threads in this sub-forum, sorry if this is not the proper place.

I'll ask a mod to move it.
 

tomt4535

> No no, I'm planning to back up to my own server. I don't need CrashPlan cloud service.

You don't have to use their cloud backup destination if you don't want to. If you aren't planning on it, then just buy the 10GB Crashplan+ license that is $32.xx/yr. That features the higher encryption and you can back it up to the destination of your choice.
 

ggadrian

What about Genie Backup Manager Professional?

It's able to back up using FTP, costs about 59€, and features encryption.

I'm not sure about the encryption thing: it says military-grade 3 levels of AES encryption. What does that mean? Does anyone know what encryption this software is using?

Does anyone have any experience with it?
 

Red Squirrel

I like the KISS method, since it's already a Linux box, simply use rsync over SSH. Set up key pair authentication so you can automate the backup (won't prompt for password). The network transmission will be encrypted. Also if this server's only purpose is backups you can even restrict company's IP in the firewall so the server is pretty much invisible from anywhere else. You will want to ensure the business has a static IP though as if it changes you would lose complete access to the server.

Optionally you can look into file encryption too but it is tricky to automate that in a way where it's actually secure and the key/password is not on the same server. Though you could have a local script (at the company's server) that works something like this:

- ssh to remote server to initiate the mount/decrypt command, specifying the password
- rsync files to said volume
- umount volume

That way if the server is compromised (would have to be physical given you'd only allow the corporate IP to ssh in) everything will be encrypted and not mounted.

I would not use a 3rd party solution where they host it, is that a point of trust you want to take a chance on? For example look at what happened to megaupload. I'm sure a lot of people used that to back up their files or put sensitive info on it, and now it's all in the hands of the government. The last group ever you want to have access to your files.

So stick with self hosted solutions. ;) I suppose it's possible for an entire data center to get raided though, but probably very unlikely.
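
The three-step push job described in the post above, as an added example that is not part of the original thread. It assumes a LUKS-encrypted partition on the backup server and key-based SSH login from a POSIX shell on the office side; the host, device, mount point and passphrase-file path are hypothetical placeholders. The passphrase goes to `cryptsetup` on stdin rather than on the command line, and the volume is locked again even when rsync fails.

```shell
#!/bin/sh
# Added example, not from the thread. Every host, device and path below is a
# hypothetical placeholder; override them through the environment.
BACKUP_HOST="${BACKUP_HOST:-root@backup.example.net}"  # key-only SSH login assumed
LUKS_DEVICE="${LUKS_DEVICE:-/dev/sdb1}"                # LUKS partition on the backup server
MAPPER_NAME="${MAPPER_NAME:-officebackup}"
MOUNT_POINT="${MOUNT_POINT:-/mnt/officebackup}"
SOURCE_DIR="${SOURCE_DIR:-/srv/office/}"
KEY_FILE="${KEY_FILE:-/root/.backup-passphrase}"       # exists only on the office side

# Step 1: unlock and mount. The passphrase travels on stdin inside the SSH
# session, so it never appears in the remote process list or shell history
# and is never written to the backup server's disk. The && chain means a
# failed unlock or mount makes the whole step fail.
unlock_remote() {
    ssh -o BatchMode=yes "$BACKUP_HOST" \
        "cryptsetup luksOpen $LUKS_DEVICE $MAPPER_NAME && mount /dev/mapper/$MAPPER_NAME $MOUNT_POINT" \
        < "$KEY_FILE"
}

# Step 2: copy the files through SSH into the mounted volume.
sync_files() {
    rsync -az -e "ssh -o BatchMode=yes" "$SOURCE_DIR" "$BACKUP_HOST:$MOUNT_POINT/"
}

# Step 3: unmount and close the mapping so only ciphertext remains at rest.
lock_remote() {
    ssh -o BatchMode=yes "$BACKUP_HOST" \
        "umount $MOUNT_POINT; cryptsetup luksClose $MAPPER_NAME" < /dev/null
}

# Run the three steps. rsync is never started against an unmounted (plaintext)
# directory, and the lock step always runs, even after a failed transfer.
backup_job() {
    unlock_remote || { lock_remote || true; return 1; }
    job_rc=0
    sync_files || job_rc=$?
    lock_remote || {
        echo "WARNING: remote volume may still be unlocked" >&2
        [ "$job_rc" -ne 0 ] || job_rc=1
    }
    return "$job_rc"
}

# Invoke as: ./offsite-backup.sh run   (for example from cron)
if [ "${1:-}" = "run" ]; then
    backup_job
fi
```

The exit status is rsync's own when the transfer fails, so a cron wrapper can alert on any non-zero result.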
 

ggadrian

> I like the KISS method, since it's already a Linux box, simply use rsync over SSH. Set up key pair authentication so you can automate the backup (won't prompt for password). The network transmission will be encrypted. Also if this server's only purpose is backups you can even restrict company's IP in the firewall so the server is pretty much invisible from anywhere else. You will want to ensure the business has a static IP though as if it changes you would lose complete access to the server.
>
> Optionally you can look into file encryption too but it is tricky to automate that in a way where it's actually secure and the key/password is not on the same server. Though you could have a local script (at the company's server) that works something like this:
>
> - ssh to remote server to initiate the mount/decrypt command, specifying the password
> - rsync files to said volume
> - umount volume
>
> That way if the server is compromised (would have to be physical given you'd only allow the corporate IP to ssh in) everything will be encrypted and not mounted.
>
> I would not use a 3rd party solution where they host it, is that a point of trust you want to take a chance on? For example look at what happened to megaupload. I'm sure a lot of people used that to back up their files or put sensitive info on it, and now it's all in the hands of the government. The last group ever you want to have access to your files.
>
> So stick with self hosted solutions. ;) I suppose it's possible for an entire data center to get raided though, but probably very unlikely.

Can I use rsync between a Windows 7 and a Linux box?

I like this solution, but it looks like a little bit too complicated for me to implement.

They don't have a static IP in the office, and if it were possible to have one (I'm not sure) it would be pretty expensive. Would that work using a service like no-ip?

I agree with you in the hosting part, that's why I contracted a server even before deciding the backup method. The one thing I know is that I don't want cloud storage when it comes to important data.
 

Red Squirrel

Hmm for this situation maybe it would be easier to set up a pull system instead of push. Have the backup server connect to the office to grab the backups. This will require having to open up a port to the office server though and the network/security/IT/management team may not want to do this. You would only allow the backup server to connect to this port.

What I personally would do is set up a Linux box to act as a gateway, it would be a rather basic box, CentOS with the SSH port open to the internet, only allowing the backup server to connect. The SSH gateway server would have SMB (Windows) shares mapped so that this server can see all the files that need to be backed up. The backup server would then rsync the data from this server to itself. It will see the shares as if the files were local, basically.
 

skyking

> Because if you're already using a VPN like you're supposed to, and that is the only target on the other side of the VPN, then it would be incredibly redundant and unoptimal to additionally route it through an SFTP tunnel.
>
> The OP was already pretty set on using a VPN, so I didn't bother to mention it :)
>
> By the way, where is your mentioning of RSA two-factor authentication on each side?
>
> Just wondering where that fits in to your idea of 'secure'. ;)

Mine was just a general question and really did not relate to the OP. I probably should have started my own thread.
 

ggadrian

> Hmm for this situation maybe it would be easier to set up a pull system instead of push. Have the backup server connect to the office to grab the backups. This will require having to open up a port to the office server though and the network/security/IT/management team may not want to do this. You would only allow the backup server to connect to this port.
>
> What I personally would do is set up a Linux box to act as a gateway, it would be a rather basic box, CentOS with the SSH port open to the internet, only allowing the backup server to connect. The SSH gateway server would have SMB (Windows) shares mapped so that this server can see all the files that need to be backed up. The backup server would then rsync the data from this server to itself. It will see the shares as if the files were local, basically.

There's no problem with any team, it's my mom's office and I can do whatever I want as long as I more or less fit the budget, and I do that as a hobby.

I like this idea, but I have two doubts:

-Would it work if the second linux box is a VM in the office server?
-What about the encryption?
 

Red Squirrel

Would work fine as a VM provided it has network access to the network. Bridged networking config would work fine.

For file encryption, you'd have to have the business server first send a command to the backup server to mount the volume, that way the server specifies the key/password through said command and it's never stored anywhere on the backup server. After the pull job is done, it dismounts the volume.
 

ggadrian

> Would work fine as a VM provided it has network access to the network. Bridged networking config would work fine.
>
> For file encryption, you'd have to have the business server first send a command to the backup server to mount the volume, that way the server specifies the key/password through said command and it's never stored anywhere on the backup server. After the pull job is done, it dismounts the volume.

I use EaseUS TodoBackup Workstation for my backups and it allows protecting the image with a password.

Let's say I use a 15-character password generated by 1password (maximum supported by the software), would it be safe enough? Is it easy to brute-force 15 characters?

If it's safe enough I think that I'm gonna give this system a try.
 

ggadrian

What would be the advantages of a pull system instead of using the ftp client of the backup software?
 

Red Squirrel

Just realized the pull system may not work as you don't have a static IP... unless you can get a no-ip host setup, maybe that's an option for you. The advantage in your case is security, as the lack of static IP means you can't easily restrict on the backup server what IP connects to it (your business) but by doing pull you do the opposite, open up the business port, and restrict it to the backup server's IP.

Maybe look to see how hard it would be to get a static IP, and then you can stick with the more standard push method. Now that I think of it, this is what I'd do.

I'd also avoid FTP, as it's unencrypted and the password is sent in clear text. You could set up a VPN, but that's more complex; it would work too, and then FTP would be fine.