FTP backup service?

Forum Moderators: phranque

Message Too Old, No Replies

FTP backup service?

sodani

1:36 am on Sep 23, 2006 (gmt 0)

Can anyone recommend a good FTP backup service? I use plesk, which has a scheduled backup functionality built into it, but I just need to find an ftp server. I was using Godaddy's, but wasn't happy that I couldn't access the backed up files because it required SSH to access, and I don't know SSH.

Alioc

2:02 pm on Sep 23, 2006 (gmt 0)

Do not rely on external services. You know, for security reasons. Take your backups yourself. Your host should also offer daily backups. You might be able to backup your files from the hosting control panel too.

SSH isn't so confusing and you don't have to know everything about it. Just learn the commands to archive folders then download to an external harddisk.(In case your machine crashes forever.) It's basically "zip" and "unzip".

[google.com...]
[google.com...]

sodani

4:04 pm on Sep 25, 2006 (gmt 0)

yeah it's just that being an efficiency freak, I want to be able to automate this. I suppose I will just use the ftp backup service that godaddy offers.

jtara

9:50 pm on Sep 25, 2006 (gmt 0)

There's no reason you can't automate sftp transfers.

You do compromise security somewhat by doing so. You either have to embed a password in a script (not such a good idea - you'd have to do this with FTP in any case) or else you have to use a public key (for the local machine/user) that doesn't have a passphrase.

So, guard the public key carefully, because anybody who can get a copy of it can log-in to your backup site. Of course, you would have it in a file unaccessable through your web server, not readable to other users, etc.

You gain some additional security by using a certificate instead of just a public/private key pair. This is because the certificate limits the source IP address. But you well may be able to get the same level of security depending on options at the backup site. For example, if they can limit connections by IP address, you gain the same bit of security.

ssh has multiple ways of identifying you for login purposes:

- password - generally uses your Linux account password

- private/public key. You generate a private/public key pair. You put a copy of the public key on the backup server. You put a copy of the private key on the system being backed-up. No password is needed. However, a password is needed on the system initiating the connection (in this case, your web server) if the public key has a passphrase.

- X.509 certificate, similar to what you use for an SSL website

When using passwords, using sftp is little if any different form using FTP, other than the commands used. I cna't think of a good reason for using FTP.

The other forms of identification can be a convenience. Under XWindows, for example, there's a handy program that will ask for a passphrase at startup, and then your key can be used without further authentication until logout. It sure is handy to just be able to open a Konquerer (KDE file browser) or KATE (KDE file editor) session on your website using and sftp:: kioslave. (It's just as easy as it sounds - just type sftp:: followed by user@example.tld/path/to/file).

If you have problems running scripts on your host, why not do the backup from the other end? Any reason why you aren't doing backup to a local machine? That gives you the most flexibility, as you can choose to encrypt or not encrypt backups, take them off-site on a CD/DVD, etc.