This document describes step by step how to use Unison for a save back-up to a Linux server using ssh to make the thing more secure.
Since Windows (still) does not come with its own ssh implementatin we need to install one. In this case we will use SSH for windows:
Download the latest release and install it
Now try to connect to your ssh server
open a command promt
If you get a connection it will ask if you want to connect to the server
Type your password
And you are connected to your ssh server
type exit to leave the ssh shell
Create a key pair
To prevent entering the password every time we create a backup we need to create a secret keypair
Open a ssh session to the server
ssh-keygen -t rsa
Some messages appear:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/myusername/.ssh/id_rsa): press enter
Created directory ‘/home/myusername/.ssh’.
Enter passphrase (empty for no passphrase): (leave empty and press enter)
Enter same passphrase again: (leave empty and press enter)
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
The sshd server has to be configured to accept these auto-logins, make sure the file /etc/ssh/sshd_config containes the following lines
sudo pico /etc/ssh/sshd_config
Save te file and exit
logout of the ssh server
Get the id_rsa file into each of the windows users .ssh directorie .ssh This file is your private key (i.e. your password), so don’t leave copies lying around!
Since Open ssh comes with scp, use that to download and set the correct permissions of your private key:
scp email@example.com:.ssh/id_rsa id_rsa
Now test if you can connect without entering a password:
If you get a ssh version you are ready to install Unison
Type exit to leave the ssh session again
Or here (This is unison version 2.32.94)
The exe is configured to install in the current directory. You can do this during installation, just tell it where to put the files. Do not put it in the Program Files folder. Windows is very picky on that. Best place to put it is in a folder under the username you want the backup to run for.
Go to the folder you extracted winison and start winison.exe
The first time it asks you if a shortcut should be placed in the start menu.
Answer yes (so you don’t have to search for it later)
A window pops-ups up.
Test the backup
Now the configuration starts. It is advised to start with a folder containing 1 or 2 small files to make sure everything works as expected. This prevents frustration while waiting. Because all data is encrypted it can take a while to synchronize large files and folders.
Make a new folder: test
Add a simple text file a.txt
Start winison from the folder you extracted it.
In the profile field enter something like Test (we will remove this later)
In the local root window: browse to your test folder
In the remote root window enter
Press Go when asked to save the changed profile click yes
Since it is the first time unison runs it give some info because no archive is found. Just press enter
Now the 2 systems must synchronize. It can take some time so don’t worry, just wait for it to finish.
When all goes well the 2 folders will be synced. You can test by changing the test file or create a new file in the test folder. Or create a folder in the test folder.
If the 2 servers finished checking questions will be asked what to do. Just press enter
Now we check if the folder and test file is created:
Open a command prompt
The test file a.txt (or the name you used) should be there.
If you want more testing done you can find a tutorial here.
Copying files over an Internet connection can take a lot of time depending on the Internet speed. It can take days to copy files to your server.
You can manage this 2 ways:
1. Make the first copy to your server using FTP
2. Manage what to backup adding folders one by one (see Final thoughts on how to manage that).
You can just backup My Documents completely but you may want to specify what you want unison to do. Some files you don’t want in your backup like thumbs, tmp etc.
In the unison profile file you can include and exclude files and or folders.
Here are some basic profile settings that can be used. Modify it as needed.
#Folders to synchronize
root = Your folder to backup
root = ssh://username@servername/sync
# Folders to backup
#Folders to exclude
ignore = Path
Files to exlude
ignore = Name *.tmp
#Don’t ask about normal files
# Prevent chmod issues
perms = 0
#Prevent deletion of all files if all files are localy deleted
#Check fast, don’t compare bit by bit
# Make a backup if the same file is changed local and in the backup
# When running from the command line be silent, only show errors
silent = true
#Use file time not folder time for changes
# Don’t delete old files but keep them (it is a backup)
backup= Name *
See the offical unison manual for more settings.
Schedule the backup
We are all human and forget things. Computers never forget anything and are good at keeping track of time. So why not use that to schedule the backup?
Winison comes with a handy feature: it creates batch files for you to do the work. You will find them in the directory you install winison <profilename> full background.bat is the one you can use if you use the windows scheduler.
Make sure the user has a password or the windows scheduler will not run.
Thats it. That is how you can backup your windows file to a linux machine.