Hetzner - DokuWiki

Backup/en

Inhaltsverzeichnis

Backup Space

All dedicated/virtual server customers can order backup space with their dedicated root servers or virtual servers. If you as a customer have backup space, you can only access it from within the Hetzner network. You can use any server located at Hetzner to connect to the backup space.

You can see an overview of the backup space sizes and prices in the table below.

Backup Space Monthly price
100 GB* €2.90*
500 GB €4.90
1,000 GB €7.90
2,000 GB €9.90
5,000 GB €21.90
10,000 GB €39.90

Customers with dedicated root servers with prices at or higher than €39 a month can get 100GB of backup space free of cost.

Prices shown here do not include VAT. Click here to see what VAT you should pay.

Ordering backup space

You can order backup space via your account on Robot. Under "Main Functions" -> "Server", select the server and then open the tab "Backup". Here you can order different sizes of backup space, and you can upgrade or downgrade your current backup space.

Backup space operations on Robot

Under the "Backup" tab of your server on Robot, you can do the following:

  • Order backup space
  • Upgrade/downgrade backup space
  • Delete backup space
  • Generate a new password
  • Graphically display the current amount of space used (updated every 10 minutes)

Resilience/Reliability

The backup accounts are protected by a RAID array, which can tolerate a failure of several hard disks. Thus the chance of data loss is relatively small. Please note, however, that you are still responsible for your data and that Hetzner provides no guarantees whatsoever regarding possible data loss. The data is not mirrored on other servers.

In addition, checksums for the individual data blocks are used to detect and correct bit errors.

General Notes

The upload speed for backup space is dependent on how many other clients are simultaneously accessing the same backup server. Consider running your backups at another time if you experience performance problems.

It is important to use the DNS names assigned to your backup space (<username>.your-backup.de) instead of the underlying IP address, as the IP address can change.

There is a connections limit: 10 connections per account.

Important reminders

Please note that the executable right is required for the home directory. If you remove the executable right, you will not longer be able to log in.

Please also note that FTP and SAMBA connections may be unencrypted in some circumstances. Some Windows versions and FTP clients, however, use encryption by default. Instructions on how to encrypt your SAMBA connection can be found here.

Using CNAME records for the assigned DNS name does not work with WebDAV.

Before using any of the services listed below, please check your Robot account to see whether or not the setting is activated.

Use Robot to generate the password for your backup account. Robot will only display the generated password once. You cannot use your password for Hetzner Accounts for your backup account.

Restriction

It is not possible to create the folders "/etc" or "/lib" on the backup space.

Useful software

Accessing Backup Space

Backup space can be accessed via various different protocols.

FTP/FTPS

You can access your backup space by means of FTP. Please use the host names assigned to you (<username>.your-backup.de) as well as your username and password. Important note: FTP connections are not encrypted. Only FTPS (FTP+TLS) is encryped.

Active and passive modes

FTP protocol is based on two connections: one connection via port 21 for all commands and a second connection for the transferred file content. For the second connection, a distinction is made between active and passive mode.

In the active mode, the backup server tries to establish the connection to the client (Server -> Client). However, this can be blocked by a firewall of the client, and then a timeout occurs.

The passive mode can be used as a solution. The client establishes a connection to the server (Client -> Server). The activation of the passive mode differs between different client programs. Therefore, please refer to your program's help menu.

Instructions

Windows

In Windows, you can add your backup space as a network address via FTP as follows:

  1. Open Windows Explorer.
  2. Windows 7: Click on "Computer" and then on "Add network address" above.
    Windows 8/10: Click on "This PC". Then click on "Computer" above and then on "Add network address".
  3. In the dialog window that appears, click twice on 2 "Next".
  4. Now enter "ftp://<username>.your-backup.de" in the text field and then click on "Next".
  5. Remove the checkmark next to "Login anonymously" and enter the name of your backup account.
  6. Click 2 more times on "Next" and then on "Complete".
  7. In the window that opens, enter your username and password. You can also choose to save your password in Windows.
  8. After you click on "Log in", you will be able to access your backup space by going to "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

Software

Please note that there is only a limited selection of software that can be used for this protocol.

Windows

  • Windows Explorer
  • FileZilla
  • WinSCP

Linux

  • FileZilla
  • ftp
  • ncftp
  • lftp

SFTP/SCP

You can access your backup space by means of SFTP and SCP. This method of accessing your backup space is completely encrypted.

Public Key Authentication

For SFTP/SCP it is possible to authenticate yourself with a public key. You can find more information for how to do this, as well as an example, on the following wiki page: Backup Space SSH Keys.

Connection Error

11: Application Error

If you receive this error when trying to connect via SFTP or SCP, then this could be the result of SSH key forwarding being activated. Please deactivate this for the backup space, and try connecting again.

Software

Please note that there is only a limited selection of software that can be used for this protocol.

Windows

  • WinSCP (SFTP)
  • FileZilla (SFTP)

Linux

  • scp
  • sftp
  • FileZilla (SFTP)

SAMBA/CIFS

You have the option of linking your backup space with Samba/CIFS. To do so, you can use the following UNC path.

If you are using your main account, the share name is backup.

Linux/Unix:

//<username>.your-backup.de/<share name>

Windows

\\<username>.your-backup.de\<share name>

Instructions

Linux

With Linux, you can use the following command from the command line to integrate the backup space in the local file system:

mount.cifs -o user=<username>,pass=<password> //<username>.your-backup.de/backup /PATH/FOLDER

You can also use the following line in /etc/fstab to automate the mount at each system start. (It is a single line!)

//<username>.your-backup.de/backup /mnt/backup-server       cifs    iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770 0       0

The file /etc/backup-credentials.txt (mode 0600) should contain two lines as follows:

username=<username>
password=<password>

On Debian-based distributions, the command is provided via the cifs-utils package.

apt-get install cifs-utils

On Debian Wheezy based systems, edit the parameters as follows if you are having problems:

rsize=65536,wsize=130048

You should also add the following lines to /etc/rc.local:

modprobe cifs
echo 0 > /proc/fs/cifs/OplockEnabled

FreeBSD

On FreeBSD, you can mount the backup space as follows:

Add the following line to /etc/fstab

//<username>@<username>/backup /mnt/backup-space smbfs rw,-N 0       0

Replace username with the Robot-assigned username. Also you need to use 'mkdir' to create /mnt/backup-space if it does not already exist.

Add the following lines to /etc/nsmb.conf

[<username>]
charsets=UTF8:cp850
addr=<username>.your-backup.de
[<username>:<username>]
password=$crypt-string

Create the crypt-string with 'smbutil crypt'.

In FreeBSD 10.1, the necessary packages are already pre-installed.

Windows

In Windows, use the following instructions to connect your backup space as a network drive with its own drive letter:

  1. Open Windows Explorer.
  2. Windows 7: On the left, click on "Computer" and then at the top on "Map network drive".
    Windows 8/10: On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
  3. In the new dialog, select a network drive letter of your choice and enter „\\<username>.your-backup.de\backup“ for the folder. Enter a check next to "Reconnect at login" if you want to automatically establish a connection upon starting the system.
  4. When you are asked for login information, you should here enter the username and password you used for your backup space. You also have the option of saving the login information in Windows.
  5. The setup of your backup space as a network drive is now finished and can be found as separate drive under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

Error with files larger than 4 GB

If there are errors when copying files that are 4 GB or larger, then it can help to deactivate caching. To do so, the backup space must be mounted with the extra parameter '-o cache=none'.

Encrypt SAMBA connection

To encrypt a SAMBA connection, add the following option to your mount command: seal

Example:

mount.cifs -o seal,user=<username>,pass=<passwort> //<username>.your-backup.de/backup /PATH/FOLDER

WebDAV

You can access your backup space by using WebDAV; it is encrypted through this connection.

By default, WebDAV is deactivated for your backup space. You can activate it for free via Robot. Please note that it can take a few minutes after the activation before your backup space will be accessible via WebDAV.

Unfortunately, the WebDAV protocol does not support the output of the available memory and it may produce false values. Please use sftp instead as is described in Determining available memory.

With Windows servers, it may be necessary to install the "Desktop View" or "Desktop Experience" feature.

Instructions

Linux

To create a link to the WebDAV directory, use the following command:

mount -t davfs https://<username>.your-backup.de /MOUNTPOINT

By adding the following line to /etc/fstab, your system will automatically mount the file system at boot:

https://<username>.your-backup.de /MOUNTPOINT davfs rw,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770,_netdev 0 0

To automatically mount the WebDAV directory, enter the following line in the file /etc/davfs2/secrets:

https://<username>.your-backup.de <username> <password>

In Debian-based distributions, the command davfs is provided via a package of the same name:

apt-get install davfs2

Windows

In Windows, use the following instructions to connect to your backup space via WebDAV:

  1. Open Windows Explorer.
  2. Windows 7: On the left, click on "Computer" and then at the top on "Map network drive".
    Windows 8/10: On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
  3. Click on "Connect to a web site that you can use to store your documents and pictures".
  4. In the new assistent, click on "Next".
  5. Select "Choose a custom network location" and click on "Next".
  6. Under "Internet or network address" enter the address of your backup space with the protocol https (For example: https://<username>.your-backup.de) and click on "Next".
  7. Now you can assign a new name for the network address under the one that should be visible in Windows. Then, click on "Next".
  8. Now click on "Finish".
  9. Now enter the user name and password of your backup space in the login dialog.
  10. The setup of your backup space as a network address is now finished. You can now find it under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

SSH / rsync / BorgBackup

You can access your backup space via an SSH connection to use rsync and BorgBackup there. Use port 23 to access your backup space for this purpose.

To create an SSH connection on your backup space, first select the correct backup space on your account on Robot and then activate the SSH support setting for it.

Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page Backup Space SSH Keys.

Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page Backup Space SSH Keys.

Please also note that only the directory /home/ is writable on the backup space. To address directories or files on the backup space, we therefore recommend that you use relative paths. For example, to download the file /server1/full_backup.tar.gz from the backup space, you can use the following file paths:

server1/full_backup.tar.gz
./server1/full_backup.tar.gz

Interactive SSH access is not allowed.

BorgBackup

With BorgBackup, you can save encrypted and duplicate backups on your backup account. You can find a guide for how to do this at BorgBackup.

rsync

You can use rsync to synchronize the current state of your file directories to your backup space. For example, to synchronize a local directory to the backup space, you can use rsync as follows:

rsync --progress -e 'ssh -p23' --recursive <local directory> <username>@<username>.your-backup.de:./<target directory>

To re-download a directory from the backup space, you only need to swap the directories:

rsync --progress -e 'ssh -p23' --recursive <username>@<username>.your-backup.de:./<directory> <local directory>

Please note that it is not possible to customize the user and group ID of the uploaded files.

SCP via port 23

You can also use SCP via port 23. To upload a file via SCP, you can execute the following command:

scp -P 23 <local file> <username>@<username>.your-backup.de:<remote file>

To download the file again, you only have to swap the target and source files:

scp -P 23 <username>@<username>.your-backup.de:<remote file> <local file>

SFTP

Accessing your backup space via SFTP is similar to accessing it with an FTP client. To start an SFTP session, please execute the following command:

sftp -P 23 <username>@<username>.your-backup.de

You can then upload files using put and download them using get. With ls you get a directory listing:

sftp> put 100MB.file
Uploading 100MB.file to /home/100MB.file
100MB.file                           100%  100MB  78.7MB/s   00:01
sftp> ls -ahl
drwxr-xr-x    0 12345      12345     16B  Mar 28 10:55 .
dr-x--x--x    0 0          0         10B  Mar 27 12:16 ..
-rw-r--r--    0 12345      12345     100M Mar 28 11:34 100MB.file
sftp> get 100MB.file
Fetching /home/100MB.file to 100MB.file
/home/100MB.file                     100%  100MB 110.6MB/s   00:00
sftp> quit

IPv6

You can also reach your backup space under the same DNS name via IPv6.

Determine available backup space

To find out how much backup space is still available (be it in backup scripts or status emails), you can use the 'sftp' program:

apt-get install sftp
echo "df"     | sftp <username>@BACKUPSERVER
echo "df -h"  | sftp <username>@BACKUPSERVER
echo "df -hi" | sftp <username>@BACKUPSERVER

Under certain circumstances, lftp can return wrong values; therefore it is better to use the variant with sftp. Below is the variant with lftp:

# apt-get install lftp
# echo du -hs .  \
| lftp -u <username>,<password> BACKUPSERVER

You can also embed the command in Tartarus using a hook. To do this, insert the following lines into the Tartarus configuration:

TARTARUS_POST_PROCESS_HOOK() {
echo "du" | /usr/bin/lftp -u "$STORAGE_FTP_USER,$STORAGE_FTP_PASSWORD" "$STORAGE_FTP_SERVER" | awk -v LIMIT=100 '$2=="." {print ((LIMIT*1024*1024)-$1)/1024 " MiB backup space remaining"}'
}

In order to always get a reliable value, we recommend that you use Robot to display the amount of occupied backup space.



© 2018. Hetzner Online GmbH. Alle Rechte vorbehalten.