The goal is to have files from the Windows OS (or multiple Windows devices) backed up to the Linux server, in a secure way. In this example, I have used a Linux host as a backup server, and a Microsoft Windows 10 PC as a client.
What makes it ‘secure’? The Windows 10 PC has no access to the backup server; it can’t access the SSH service on the backup server — in fact, it cannot access any TCP nor UDP ports on the backup server, and it doesn’t need to. This increases security by reducing attack vectors on the backup server.
Here’s how it works:
1) The Windows PC will run Microsoft OpenSSH server (sometimes the thought makes me shudder but, it works, and it’s Microsoft-approved!)
2) The Windows PC runs the backup software which compressed the files into .ZIP archives and stores them on an attached USB drive
3) The Linux backup server has an SSH client & rsync client and, at regular intervals, it will SSH in to the Windows 10 PC and download all of the backups, using rsync to determine which it already has and which it doesn’t
- Linux distribution with SSH client, rsync client, crond (to make the backup script run at regular intervals)
- OpenSSH for Windows (https://github.com/PowerShell/Win32-OpenSSH)
- Cobian Backup 11 for Windows (https://www.cobiansoft.com/cobianbackup.html)
- Cygwin (https://cygwin.com)
NOTE: I do not recommend using the ‘DeltaCopy’ product because it comes with an old, insecure version of rsync
Step 2) :