Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Duo v1, linux Internet backup? only use SSH?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
08:40 AM
2014-10-15
08:40 AM
Duo v1, linux Internet backup? only use SSH?
I am working on setting up a Duo v1 as a "private cloud RAID backup" for a linux server.
I'm not using a VPN, I'm opening ports so the Duo is directly accessed over the Internet. I'm aware it's going to have people trying to hack it day and night, so I'm using very long and complex password strings, and I'm not exposing the web admin console to Internet access.
My current plan is to use hard links and rsync to deduplicate the linux server backup files. (I have seen the warnings that fsck on a Duo can take days to finish checking hard links, and I'm okay with that.)
If I'm reading this right, apparently the built-in linux file sharing options for both NFS and rsync assume a private LAN connection, and should not be used not over the public Internet?
So apparently the only option available to really do this properly is to turn off the built-in NFS and rsync services, install the root SSH option, and only do rsync and hardlink creation over ssh to the Duo?
I'm not using a VPN, I'm opening ports so the Duo is directly accessed over the Internet. I'm aware it's going to have people trying to hack it day and night, so I'm using very long and complex password strings, and I'm not exposing the web admin console to Internet access.
My current plan is to use hard links and rsync to deduplicate the linux server backup files. (I have seen the warnings that fsck on a Duo can take days to finish checking hard links, and I'm okay with that.)
If I'm reading this right, apparently the built-in linux file sharing options for both NFS and rsync assume a private LAN connection, and should not be used not over the public Internet?
So apparently the only option available to really do this properly is to turn off the built-in NFS and rsync services, install the root SSH option, and only do rsync and hardlink creation over ssh to the Duo?
Message 1 of 6
Labels:
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
01:58 PM
2014-10-15
01:58 PM
Re: Duo v1, linux Internet backup? only use SSH?
Rsync is designed with remote backups in mind, but Rsync in itself is not secure. Rsync over SSH or over a VPN is better for security. However due to limited resources Rsync over SSH on the Duo would be terribly slow.
Message 2 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
02:29 PM
2014-10-15
02:29 PM
Re: Duo v1, linux Internet backup? only use SSH?
Yes, that really is the next question, how slow is slow? I will be testing that soon.
The Duo v1 already only moves about 20 megabit/sec, even dealing with straight unencrypted Windows shares. Thought it was such a joke for it to have a gigabit network interface but it can only utilize 2% of that.
The Duo v1 already only moves about 20 megabit/sec, even dealing with straight unencrypted Windows shares. Thought it was such a joke for it to have a gigabit network interface but it can only utilize 2% of that.
Message 3 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
02:37 PM
2014-10-15
02:37 PM
Re: Duo v1, linux Internet backup? only use SSH?
Painfully slow. Rsync already uses a lot of resources.
Do you mean 2 Mbit/s or 2MB/s. That sounds like speeds transferring files over wireless.
Do you mean 2 Mbit/s or 2MB/s. That sounds like speeds transferring files over wireless.
Message 4 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
02:58 PM
2014-10-15
02:58 PM
Re: Duo v1, linux Internet backup? only use SSH?
I have a Duo v1 at home direct-plugged into dedicated gigabit port on my home PC. In sustained writing it does not seem able to do more than about 20 megabit/sec or 2.5 megabytes/sec directly to a Windows share.
From my brief testing just now, looks like it's doing about 2.6 megabit/sec, using linux to cp a 95 meg file to it over sshfs. Need some gig file tests to really gauge it.
From my brief testing just now, looks like it's doing about 2.6 megabit/sec, using linux to cp a 95 meg file to it over sshfs. Need some gig file tests to really gauge it.
Message 5 of 6
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2014-10-15
03:03 PM
2014-10-15
03:03 PM
Re: Duo v1, linux Internet backup? only use SSH?
SSH does have its overheads and the Duo has limited resources.
Message 6 of 6