[Box Backup] Backup the backup

Chris Wilson boxbackup@fluffy.co.uk
Tue, 31 Oct 2006 20:12:15 +0000 (GMT)


Hi Simon,

>>  If I've understood the archives right the solution is to rsync over 
>>  the whole structure from the primary machine to a secondary/backup 
>>  machine and _when_ the primary dies copy everything to a new machine, 
>>  install box backup and restore the keys. Check and fix the accounts 
>>  (if we have rsynced when someone is doing their backup, for example) 
>>  and we're all set. Have I missed something?

I think that's right.

>>  I am in need of a solution where I can have one primary backupserver 
>>  located at the company's LAN for fast backups. But then I need to 
>>  transfer the primary backup to a secondary backupserver which 
>>  also is functional (i.e. clients can backup to both the secondary and 
>>  primary backupservers).

I would be careful about the last part, "clients can backup to both the 
secondary and primary backupservers." If you mean that clients could 
switch to using the secondary server using the same key, and make 
successful backups, then it is possible, as long as you:

* maintain unique account numbers across all servers;
* merge the accounts.txt files on the secondary server; and
* use the same CA to sign each server's key (and the secondary).

The last part is a little insecure. Any of your customers could set up an 
impostor for another company's server, but they'd still have to persuade 
clients at the other company to connect to their server instead of yours.

>>  And no, overwritten backups is not an issue. My clients don't do their 
>>  backups more than once a week at tops, most do it once a month. And 
>>  from the primary backupserver I am rsyncing over everything each 
>>  night. And I _always_ restore from secondary backup.

Unless client A (which normally backs up to server B) backs up to the 
secondary server S one day, and then rsync from B overwrites the newly 
backed-up data on S.

>>  Since I have a few companies to setup this on how do you suggest using 
>>  keys? I mean, sure I *could* use the same key for everything, but 
>>  that's not secure *at all*.

I would configure the keys as above. All clients with unique keys, all 
servers with unique keys, all signed by the same CA.

>>  If I were to use separate keys I would need to use one bbstored for 
>>  each company/key, right? And that would require a unique port or 
>>  IP-address.

In this setup there would only be a single instance of bbstored on the 
secondary, bound to a single IP and port.

This might not work, but my understanding isn't good enough to identify 
any flaws. Unless anyone else points out a problem, I'd suggest that you 
try it, and test thoroughly.

Cheers, Chris.
-- 
_ ___ __     _
  / __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |
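
Added example, not part of the original message and not Box Backup's own code: a pre-merge check for the "unique account numbers" and "merge the accounts.txt files" conditions listed in the reply above. It assumes each accounts.txt line has the form `<hex account id>:<disc set number>`; the server names and sample contents are constructed.

```python
import re

# Assumption: one account per line, "<hex account id>:<disc set number>".
LINE = re.compile(r"^\s*([0-9a-fA-F]{1,8}):(\d+)\s*$")

def parse_accounts(text, origin):
    """Return {account_id: disc_set} for the body of one accounts.txt."""
    accounts = {}
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        m = LINE.match(raw)
        if not m:
            raise ValueError(f"{origin}:{n}: unparseable line {raw!r}")
        # Compare numerically so "1" and "00000001" count as the same account.
        acct = int(m.group(1), 16)
        if acct in accounts:
            raise ValueError(f"{origin}:{n}: account {acct:08x} listed twice")
        accounts[acct] = int(m.group(2))
    return accounts

def merge_accounts(sources):
    """Merge {origin: accounts.txt text}.

    Returns (merged_text, []) when every account number is unique across
    all servers, or (None, collisions) without merging anything otherwise.
    """
    merged, owner, collisions = {}, {}, []
    for origin, text in sources.items():
        for acct, disc in parse_accounts(text, origin).items():
            if acct in merged:
                collisions.append((f"{acct:08x}", owner[acct], origin))
            else:
                merged[acct], owner[acct] = disc, origin
    if collisions:
        return None, collisions
    lines = [f"{a:08x}:{d}" for a, d in sorted(merged.items())]
    return "\n".join(lines) + "\n", []

# Constructed sample: account 2 was allocated on both primaries.
SAMPLE = {
    "primary-a": "00000001:0\n00000002:0\n",
    "primary-b": "00000010:0\n2:0\n",
}

if __name__ == "__main__":
    text, clashes = merge_accounts(SAMPLE)
    for acct, first, second in clashes:
        print(f"account {acct} exists on both {first} and {second}")
```

Refusing to write a merged file on any collision keeps two customers from ending up mapped to the same store directory on the secondary.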