Hetzner - DokuWiki

Backup/en
(SSH / rsync / BorgBackup)
(Encrypt SAMBA connection)
 
(10 dazwischenliegende Versionen von 5 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
 
{{Languages|Backup}}
 
{{Languages|Backup}}
  
== Backup Space ==
+
==Backup Space==
  
All dedicated/virtual server clients can order backup space with their server. Backup space can only be accessed from within the Hetzner network. Any server located at Hetzner can connect to the backup space.
+
All dedicated/virtual server customers can order backup space with their dedicated root servers or virtual servers. If you as a customer have backup space, you can only access it from within the Hetzner network. You can use any server located at Hetzner to connect to the backup space.
  
The available backup space options, as well as their prices, can be found in the table below:
+
You can see an overview of the backup space sizes and prices in the table below.
  
{| class="wikitable" style="margin-left: 10px"
+
{| class="wikitable" style="margin-left: 10px;"
 
|-
 
|-
! Backup Space
+
!|Backup Space
! Monthly Fee
+
!|Monthly price
 
|-
 
|-
| 100 GB<big>*</big>
+
||100 GB<big>*
| € 2.90<big>*</big>
+
||€2.90<big>*</big>
 
|-
 
|-
| 500 GB
+
||500 GB
| € 4.90
+
||€4.90
 
|-
 
|-
| 1,000 GB
+
||1,000 GB
| € 7.90
+
||€7.90
 
|-
 
|-
| 2,000 GB
+
||2,000 GB
| € 9.90
+
||€9.90
 
|-
 
|-
| 5,000 GB
+
||5,000 GB
| € 21.90
+
||€21.90
 
|-
 
|-
| 10,000 GB
+
||10,000 GB
| € 39.90
+
||€39.90
 
|}
 
|}
  
<big>*</big>A dedicated server costing € 39.00 per month or more can get 100 GB backup space for free.
+
Customers with dedicated root servers with prices at or higher than €39 a month can get 100GB of backup space free of cost.
  
[[Payment_FAQ/en#How_much_VAT_do_I_need_to_pay.3F|Prices plus VAT, if applicable.]]
+
<span style="color: #008000;">[[Payment_FAQ#Welchen_Umsatzsteuersatz_muss_ich_zahlen.3F|Prices shown here do not include VAT. Click here to see what VAT you should pay.]]</span>
  
== Ordering Backup Space ==
+
==Ordering backup space==
  
Backup space can be ordered via the [[Robot/en|Robot]]. Under "Main Functions; Server" select the desired server and then open the tab "Backup". Here you can order different sizes of backup space, as well as up/downgrading your current backup space.
+
You can order backup space via your account on [[Robot]]. Under "Main Functions" -> "Server", select the server and then open the tab "Backup". Here you can order different sizes of backup space, and you can upgrade or downgrade your current backup space.
  
== Functions in the Robot ==
+
==Backup space operations on Robot==
  
Under the "Backup" tab of your server in the [[Robot/en|Robot]] you can complete the following tasks:
+
Under the "Backup" tab of your server on Robot, you can do the following:
* Order backup space
+
* Up/downgrade backup space
+
* Delete backup space
+
* Generate a new password
+
* Graphically display the current usage (updated every 10 minutes)
+
  
== General Notes ==
+
*Order backup space
 +
*Upgrade/downgrade backup space
 +
*Delete backup space
 +
*Generate a new password
 +
*Graphically display the current amount of space used (updated every 10 minutes)
 +
 
 +
==Resilience/Reliability==
 +
 
 +
The backup accounts are protected by a RAID array, which can tolerate a failure of several hard disks. Thus the chance of data loss is relatively small. Please note, however, that you are still responsible for your data and that Hetzner provides no guarantees whatsoever regarding possible data loss. The data is not mirrored on other servers.
 +
 
 +
In addition, checksums for the individual data blocks are used to detect and correct bit errors.
 +
 
 +
==General Notes==
  
 
The upload speed for backup space is dependent on how many other clients are simultaneously accessing the same backup server. Consider running your backups at another time if you experience performance problems.
 
The upload speed for backup space is dependent on how many other clients are simultaneously accessing the same backup server. Consider running your backups at another time if you experience performance problems.
Zeile 54: Zeile 61:
 
It is important to use the DNS names assigned to your backup space (<username>.your-backup.de) instead of the underlying IP address, as the IP address can change.
 
It is important to use the DNS names assigned to your backup space (<username>.your-backup.de) instead of the underlying IP address, as the IP address can change.
  
== Useful Software ==
+
There is a connections limit: 10 connections per account.
  
*[http://wertarbyte.de/tartarus.shtml Tartarus]
+
==Important reminders==
**[[Tartarus Backup-Konfiguration/en|Tartarus backup configuration]]
+
*[http://backup2l.sourceforge.net/ Backup2l]
+
**[[Backup2l/en|Backup2l backup configuration]]
+
*[http://duplicity.nongnu.org/ Duplicity]
+
**A [[Duplicity Script/en|Duplicity Script]]
+
*[https://github.com/unbit/sftpclone Sftpclone]
+
**[[Sftpclone/en|Sftpclone backup configuration]]
+
  
== Accessing Backup Space ==
+
Please note that the executable right is required for the home directory. If you remove the executable right, you will not longer be able to log in.
  
Backup space can be accessed via various different protocols.
+
Please also note that FTP and SAMBA connections may be unencrypted in some circumstances. Some Windows versions and FTP clients, however, use encryption by default. Instructions on how to encrypt your SAMBA connection can be found [[#Encrypt_SAMBA_connection|here]].
  
=== FTP/FTPS/SFTP/SCP ===
+
Using CNAME records for the assigned DNS name does not work with WebDAV.
  
You can access your backup space by means of FTP, FTPS, SFTP and SCP. Please use the host names assigned to you (<username>.your-backup.de) as well as your username and password.
+
Before using any of the services listed below, please check your Robot account to see whether or not the setting is activated.
  
==== Public Key Authentication ====
+
Use Robot to generate the password for your backup account. Robot will only display the generated password once. You cannot use your password for Hetzner Accounts for your backup account.
  
For SFTP/SCP it is possible to authenticate yourself with a Public Key. More information, as well as an example, can be found on the following wiki page: [[Backup Space SSH Keys/en|Backup Space SSH Keys]].
+
====Restriction====
  
==== Restrictions ====
+
It is not possible to create the folders "/etc" or "/lib" on the backup space.
  
It is not possible to create the folders "/etc" or "/lib" on backup space.
+
==Useful software==
  
==== Connection Error ====
+
* [http://wertarbyte.de/tartarus.shtml Tartarus]
 +
** <span style="color: #008000;">[[Tartarus Backup-Konfiguration]]</span>
 +
* [http://backup2l.sourceforge.net/ Backup2l]
 +
** [[Backup2l|Backup2l Backup-Konfiguration]]
 +
* [http://duplicity.nongnu.org/ Duplicity]
 +
** A [[Duplicity Script]]
  
<pre>
+
==Accessing Backup Space==
11: Application Error
+
</pre>
+
  
If you receive this error when trying to connect via SFTP or SCP, then this could be the result of SSH Key Forwarding being activated. Please deactivate this for the backup space, and try connecting again.
+
=== Overview ===
  
=== SAMBA/CIFS ===
+
Please note that the username '''u00000''' is only used as example. Please replace it with the username of your backup space.
  
You have the option of integrating your backup space with Samba/Cifs. To do so, you can use the following UNC path:
+
{| class="wikitable"  width="100%"
 +
|-
 +
! |Protocol
 +
! |Address
 +
! |Username
 +
! |Port
 +
|-
 +
|style="border-bottom:solid 2px black;" |FTP / FTPS
 +
|style="border-bottom:solid 2px black;" |u00000.your-backup.de
 +
|style="border-bottom:solid 2px black;" |u00000
 +
|style="border-bottom:solid 2px black;" |21
 +
|-
 +
|style="border-bottom:solid 2px black;" |SFTP / SCP
 +
|style="border-bottom:solid 2px black;" |u00000.your-backup.de
 +
|style="border-bottom:solid 2px black;" |u00000
 +
|style="border-bottom:solid 2px black;" |22
 +
|-
 +
|style="border-bottom:solid 2px black;" |Rsync / BorgBackup / SFTP / SCP*
 +
|style="border-bottom:solid 2px black;" |u00000.your-backup.de
 +
|style="border-bottom:solid 2px black;" |u00000
 +
|style="border-bottom:solid 2px black;" |23
 +
|-
 +
|style="border-bottom:solid 2px black;" |SMB / CIFS*
 +
|style="border-bottom:solid 2px black;" |'''Windows:'''<br><code>\\u00000.your-backup.de\backup</code><br>'''Linux:'''<br><code>//u00000.your-backup.de/backup</code>
 +
|style="border-bottom:solid 2px black;" |u00000
 +
|style="border-bottom:solid 2px black;" |445
 +
|-
 +
|HTTPS / WebDAV*
 +
|<pre>https://u00000.your-storagebox.de</pre>
 +
|u00000
 +
|443
 +
|-
 +
|}
  
<pre>
 
\\<username>.your-backup.de\backup
 
mount.cifs -o user=<username>,pass=<password> //<username>.your-backup.de/backup /PATH/FOLDER
 
</pre>
 
  
Furthermore, with the following line of code in '''/etc/fstab''' the backup space will be mounted automatically during boot time:
+
<nowiki>*</nowiki> This service can be activated without charge in the Robot
  
<pre>
+
===FTP/FTPS===
//<username>.your-backup.de/backup /mnt/backup-server      cifs    iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=<System account>,gid=<System group>,file_mode=0660,dir_mode=0770 0      0
+
</pre>
+
  
The file '''/etc/backup-credentials.txt''' (mode 0600) should contain the following two lines:
+
You can access your backup space by means of FTP. Please use the host names assigned to you (<username>.your-backup.de) as well as your username and password. Important note: FTP connections are not encrypted. Only FTPS (FTP+TLS) is encryped.
  
<pre>
+
====Active and passive modes====
username=<username>
+
password=<password>
+
</pre>
+
  
On Debian-based distributions, the command is provided via the package cifs-utils
+
FTP protocol is based on two connections: one connection via port 21 for all commands and a second connection for the transferred file content. For the second connection, a distinction is made between active and passive mode.
  
<pre>
+
In the active mode, the backup server tries to establish the connection to the client (Server -> Client). However, this can be blocked by a firewall of the client, and then a timeout occurs.
apt-get install cifs-utils
+
</pre>
+
  
On Windows systems if necessary, a Windows User needs to be created with the backup account name and password, so that the backup works with the built-in Windows tools. The user needs "Administrator" or "Backup Operator" rights.
+
The passive mode can be used as a solution. The client establishes a connection to the server (Client -> Server). The activation of the passive mode differs between different client programs. Therefore, please refer to your program's help menu.
  
=== WebDAV ===
+
====Instructions====
  
You can access your backup account using WebDAV and use davfs to integrate your backup account.
+
'''Windows'''
  
To mount the WebDAV directory, the following command can be used:
+
In Windows, you can add your backup space as a network address via FTP as follows:
  
<pre>
+
#Open Windows Explorer.
mount -t davfs https://<username>.your-backup.de /MOUNTPOINT
+
#'''Windows 7''': Click on "Computer" and then on "Add network address" above.<br />'''Windows 8/10''': Click on "This PC". Then click on "Computer" above and then on "Add network address".
</pre>
+
#In the dialog window that appears, click twice on 2 "Next".
 +
#Now enter "ftp://<username>.your-backup.de" in the text field and then click on "Next".
 +
#Remove the checkmark next to "Login anonymously" and enter the name of your backup account.
 +
#Click 2 more times on "Next" and then on "Complete".
 +
#In the window that opens, enter your username and password. You can also choose to save your password in Windows.
 +
#After you click on "Log in", you will be able to access your backup space by going to "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).
  
You can also use the following line in '''<code>/etc/fstab</code>''' to automate the mounting procedure each time the system is started:
+
====Software====
  
<pre>
+
Please note that there is only a limited selection of software that can be used for this protocol.
https://<username>.your-backup.de /MOUNTPOINT davfs
+
rw,uid=<System account>,gid=<System group>,file_mode=0660,dir_mode=0770,_netdev 0 0
+
</pre>
+
  
So that the WebDAV directory can mount automatically, you need to add the following line in the '''<code>/etc/davfs2/secrets</code>''' file:
+
'''Windows'''
  
<pre>
+
* Windows Explorer
https://<username>.your-backup.de <username> <password>
+
* FileZilla
</pre>
+
* WinSCP
  
On Debian based distributions, davfs2 is provided under the package of the same name.
+
'''Linux'''
  
<pre>
+
* FileZilla
apt-get install davfs2
+
* ftp
</pre>
+
* ncftp
 +
* lftp
  
On Windows, it may be necessary to install the feature "Desktop Experience".
+
===SFTP/SCP===
  
Unfortunately, WebDAV does not support the determining of the available space and it will report false values. Please use sftp instead, as is described in the section [[#Determining_memory_usage|Determining memory usage]].
+
You can access your backup space by means of SFTP and SCP. This method of accessing your backup space is completely encrypted.
  
=== SSH / rsync / BorgBackup ===
+
====Public Key Authentication====
 +
 
 +
For SFTP/SCP it is possible to authenticate yourself with a public key. You can find more information for how to do this, as well as an example, on the following wiki page: [[Backup Space SSH Keys]].
 +
 
 +
====Connection Error====
 +
 
 +
11: Application Error
 +
 
 +
If you receive this error when trying to connect via SFTP or SCP, then this could be the result of SSH key forwarding being activated. Please deactivate this for the backup space, and try connecting again.
 +
 
 +
====Software====
 +
 
 +
Please note that there is only a limited selection of software that can be used for this protocol.
 +
 
 +
'''Windows'''
 +
 
 +
* WinSCP (SFTP)
 +
* FileZilla (SFTP)
 +
 
 +
'''Linux'''
 +
 
 +
* scp
 +
* sftp
 +
* FileZilla (SFTP)
 +
 
 +
===SAMBA/CIFS===
 +
 
 +
You have the option of linking your backup space with Samba/CIFS. To do so, you can use the following UNC path.
 +
 
 +
If you are using your main account, the share name is '''backup'''.
 +
 
 +
'''Linux/Unix:'''
 +
 
 +
//<username>.your-backup.de/<share name>
 +
 
 +
'''Windows'''
 +
 
 +
\\<username>.your-backup.de\<share name>
 +
 
 +
====Instructions====
 +
 
 +
'''Linux'''
 +
 
 +
With Linux, you can use the following command from the command line to integrate the backup space in the local file system:
 +
 
 +
mount.cifs -o user=<username>,pass=<password> //<username>.your-backup.de/backup /PATH/FOLDER
 +
 
 +
You can also use the following line in /etc/fstab to automate the mount at each system start. (It is a single line!)
 +
 
 +
//<username>.your-backup.de/backup /mnt/backup-server      cifs    iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770 0      0
 +
 
 +
The file /etc/backup-credentials.txt (mode 0600) should contain two lines as follows:
 +
 
 +
username=<username>
 +
password=<password>
 +
 
 +
On Debian-based distributions, the command is provided via the cifs-utils package.
 +
 
 +
apt-get install cifs-utils
 +
 
 +
On Debian Wheezy based systems, edit the parameters as follows if you are having problems:
 +
 
 +
rsize=65536,wsize=130048
 +
 
 +
You should also add the following lines to /etc/rc.local:
 +
 
 +
modprobe cifs
 +
echo 0 > /proc/fs/cifs/OplockEnabled
 +
 
 +
'''FreeBSD'''
 +
 
 +
On FreeBSD, you can mount the backup space as follows:
 +
 
 +
Add the following line to /etc/fstab
 +
 
 +
//<username>@<username>/backup /mnt/backup-space smbfs rw,-N 0      0
 +
 
 +
Replace username with the Robot-assigned username. Also you need to use 'mkdir' to create /mnt/backup-space if it does not already exist.
 +
 
 +
Add the following lines to /etc/nsmb.conf
 +
 
 +
[<username>]
 +
charsets=UTF8:cp850
 +
addr=<username>.your-backup.de
 +
[<username>:<username>]
 +
password=$crypt-string
 +
 
 +
Create the crypt-string with 'smbutil crypt'.
 +
 
 +
In FreeBSD 10.1, the necessary packages are already pre-installed.
 +
 
 +
'''Windows'''
 +
 
 +
In Windows, use the following instructions to connect your backup space as a network drive with its own drive letter:
 +
 
 +
# Open Windows Explorer.
 +
# Windows 7: On the left, click on "Computer" and then at the top on "Map network drive".<br />Windows 8/10: On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
 +
# In the new dialog, select a network drive letter of your choice and enter „\\<username>.your-backup.de\backup“ for the folder. Enter a check next to "Reconnect at login" if you want to automatically establish a connection upon starting the system.
 +
# When you are asked for login information, you should here enter the username and password you used for your backup space. You also have the option of saving the login information in Windows.
 +
# The setup of your backup space as a network drive is now finished and can be found as separate drive under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).
 +
 
 +
====Error with files larger than 4 GB====
 +
 
 +
If there are errors when copying files that are 4 GB or larger, then it can help to deactivate caching. To do so, the backup space must be mounted with the extra parameter '-o cache=none'.
 +
 
 +
====Encrypt SAMBA connection====
 +
 
 +
To encrypt a SAMBA connection, add the following option to your mount command: '''seal'''
 +
 
 +
Example:
 +
 
 +
mount.cifs -o seal,user=<username>,pass=<passwort> //<username>.your-backup.de/backup /PATH/FOLDER
 +
 
 +
Please note that this feature is only available in newer Linux versions (e.g. starting with Ubuntu 18.04).
 +
 
 +
===WebDAV===
 +
 
 +
You can access your backup space by using WebDAV; it is encrypted through this connection.
 +
 
 +
By default, WebDAV is deactivated for your backup space. You can activate it for free via  Robot. Please note that it can take a few minutes after the activation before your backup space will be accessible via WebDAV.
 +
 
 +
Unfortunately, the WebDAV protocol does not support the output of the available memory and it may produce false values. Please use sftp instead as is described in [[#Determine_available_backup_space|Determining available memory]].
 +
 
 +
With Windows servers, it may be necessary to install the "Desktop View" or "Desktop Experience" feature.
 +
 
 +
====Instructions====
 +
 
 +
'''Linux'''
 +
 
 +
To create a link to the WebDAV directory, use the following command:
 +
 
 +
mount -t davfs https://<username>.your-backup.de /MOUNTPOINT
 +
 
 +
By adding the following line to /etc/fstab, your system will automatically mount the file system at boot:
 +
 
 +
https://<username>.your-backup.de /MOUNTPOINT davfs rw,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770,_netdev 0 0
 +
 
 +
To automatically mount the WebDAV directory, enter the following line in the file /etc/davfs2/secrets:
 +
 
 +
https://<username>.your-backup.de <username> <password>
 +
 
 +
In Debian-based distributions, the command davfs is provided via a package of the same name:
 +
 
 +
apt-get install davfs2
 +
 
 +
'''Windows'''
 +
 
 +
In Windows, use the following instructions to connect to your backup space via WebDAV:
 +
# Open Windows Explorer.
 +
# '''Windows 7''': On the left, click on "Computer" and then at the top on "Map network drive".<br />'''Windows 8/10''': On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
 +
# Click on "Connect to a web site that you can use to store your documents and pictures".
 +
# In the new assistent, click on "Next".
 +
# Select "Choose a custom network location" and click on "Next".
 +
# Under "Internet or network address" enter the address of your backup space with the protocol https (For example: https://<username>.your-backup.de) and click on "Next".
 +
# Now you can assign a new name for the network address under the one that should be visible in Windows. Then, click on "Next".
 +
# Now click on "Finish".
 +
# Now enter the user name and password of your backup space in the login dialog.
 +
# The setup of your backup space as a network address is now finished. You can now find it under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).
 +
 
 +
===SSH / rsync / BorgBackup===
  
 
You can access your backup space via an SSH connection to use rsync and BorgBackup there. Use port 23 to access your backup space for this purpose.
 
You can access your backup space via an SSH connection to use rsync and BorgBackup there. Use port 23 to access your backup space for this purpose.
  
To create an SSH connection on your backup space, first activate the SSH support setting for your backup space via the Robot administration interface.
+
To create an SSH connection on your backup space, first select the correct backup space on your account on Robot and then activate the SSH support setting for it.
  
Important note: For the SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page [[Backup Space SSH Keys/en|Backup Space SSH Keys]].
+
Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page Backup Space SSH Keys.
  
Please also note that only the directory '''/home/''' is writable on the backup space. To address directories or files on the backup space, we therefore recommend that you use relative paths. For example, to download the file '''/server1/full_backup.tar.gz''' from the backup space, you can use the following file paths:
+
Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page [[Backup Space SSH Keys/en|Backup Space SSH Keys]].
  
<pre>
+
Please also note that only the directory '''/home/''' is writable on the backup space. To address directories or files on the backup space, we therefore recommend that you use relative paths. For example, to download the file /server1/full_backup.tar.gz from the backup space, you can use the following file paths:
server1/full_backup.tar.gz
+
 
./server1/full_backup.tar.gz
+
server1/full_backup.tar.gz
</pre>
+
./server1/full_backup.tar.gz
  
 
Interactive SSH access is not allowed.
 
Interactive SSH access is not allowed.
  
==== BorgBackup ====
+
====BorgBackup====
  
With BorgBackup, you can save encrypted deduplicated backups to your backup space. You can find a guide for how to do this at [[BorgBackup/en|BorgBackup]].
+
With BorgBackup, you can save encrypted and duplicate backups on your backup account. You can find a guide for how to do this at [[BorgBackup/en]].
  
==== rsync ====
+
====rsync====
  
You can use rsync to synchronize the status of your directories with your backup space. For example, to synchronize a local directory with the backup space, you can use rsync as follows:
+
You can use rsync to synchronize the current state of your file directories to your backup space. For example, to synchronize a local directory to the backup space, you can use rsync as follows:
  
<pre>
+
rsync --progress -e 'ssh -p23' --recursive <local directory> <username>@<username>.your-backup.de:./<target directory>
rsync --progress -e 'ssh -p23' --recursive <local directory <username>@<username>.your-backup.de:<target directory>
+
</pre>
+
  
 
To re-download a directory from the backup space, you only need to swap the directories:
 
To re-download a directory from the backup space, you only need to swap the directories:
  
<pre>
+
rsync --progress -e 'ssh -p23' --recursive <username>@<username>.your-backup.de:./<directory> <local directory>
rsync --progress -e 'ssh -p23' --recursive <username>@<username>.your-backup.de:<directory> <local directory>
+
</pre>
+
  
 
Please note that it is not possible to customize the user and group ID of the uploaded files.
 
Please note that it is not possible to customize the user and group ID of the uploaded files.
  
==== SCP ====
+
====SCP via port 23====
  
You can also use port 23 to use SCP. To upload a file via SCP, you can execute the following command:
+
You can also use SCP via port 23. To upload a file via SCP, you can execute the following command:
  
<pre>
+
scp -P 23 <local file> <username>@<username>.your-backup.de:<remote file>
scp -P 23 <local file> <username>@<username>.your-backup.de:<remote file>
+
</pre>
+
  
 
To download the file again, you only have to swap the target and source files:
 
To download the file again, you only have to swap the target and source files:
  
<pre>
+
scp -P 23 <username>@<username>.your-backup.de:<remote file> <local file>
scp -P 23 <username>@<username>.your-backup.de:<remote file> <local file>
+
</pre>
+
  
==== SFTP ====
+
====SFTP====
  
 
Accessing your backup space via SFTP is similar to accessing it with an FTP client. To start an SFTP session, please execute the following command:
 
Accessing your backup space via SFTP is similar to accessing it with an FTP client. To start an SFTP session, please execute the following command:
  
<pre>
+
sftp -P 23 <username>@<username>.your-backup.de
sftp -P 23 <username>@<username>.your-backup.de
+
</pre>
+
  
 
You can then upload files using '''put''' and download them using '''get'''. With '''ls''' you get a directory listing:
 
You can then upload files using '''put''' and download them using '''get'''. With '''ls''' you get a directory listing:
  
<pre>
+
sftp> put 100MB.file
sftp> put 100MB.file
+
Uploading 100MB.file to /home/100MB.file
Uploading 100MB.file to /home/100MB.file
+
100MB.file                          100%  100MB  78.7MB/s  00:01
100MB.file                          100%  100MB  78.7MB/s  00:01
+
sftp> ls -ahl
sftp> ls -ahl
+
drwxr-xr-x    0 12345      12345    16B  Mar 28 10:55 .
drwxr-xr-x    0 12345      12345    16B  Mar 28 10:55 .
+
dr-x--x--x    0 0          0        10B  Mar 27 12:16 ..
dr-x--x--x    0 0          0        10B  Mar 27 12:16 ..
+
-rw-r--r--    0 12345      12345    100M Mar 28 11:34 100MB.file
-rw-r--r--    0 12345      12345    100M Mar 28 11:34 100MB.file
+
sftp> get 100MB.file
sftp> get 100MB.file
+
Fetching /home/100MB.file to 100MB.file
Fetching /home/100MB.file to 100MB.file
+
/home/100MB.file                    100%  100MB 110.6MB/s  00:00
/home/100MB.file                    100%  100MB 110.6MB/s  00:00
+
sftp> quit
sftp> quit
+
</pre>
+
  
=== IPv6 ===
+
===IPv6===
  
You can access your backup space with the same hostname via IPv6.
+
You can also reach your backup space under the same DNS name via IPv6.
  
=== BorgBackup ===
+
==Determine available backup space==
  
With BorgBackup you can save encrypted deduplicated backups to your backup space. For setup instructions, visit the [[BorgBackup/en|BorgBackup]] wiki page.
+
To find out how much backup space is still available (be it in backup scripts or status emails), you can use the 'sftp' program:
 
+
== Determining disk usage ==
+
 
+
To find out how much free space you have (be it via backup scripts or status emails) you can use the program "sftp":
+
  
 
  apt-get install sftp
 
  apt-get install sftp
Zeile 244: Zeile 414:
 
  echo "df -hi" | sftp <username>@BACKUPSERVER
 
  echo "df -hi" | sftp <username>@BACKUPSERVER
  
"lftp" can also be used. However, under certain circumstances lftp can give you incorrect values, which is why sftp is recommended. The following is the variant with lftp:
+
Under certain circumstances, lftp can return wrong values; therefore it is better to use the variant with sftp. Below is the variant with lftp:
  
 
  # apt-get install lftp
 
  # apt-get install lftp
Zeile 250: Zeile 420:
 
  | lftp -u <username>,<password> BACKUPSERVER
 
  | lftp -u <username>,<password> BACKUPSERVER
  
The following command allows you to use a hook to link with Tartarus by inserting the following lines in the Tartarus configuration:
+
You can also embed the command in Tartarus using a hook. To do this, insert the following lines into the Tartarus configuration:
  
 
  TARTARUS_POST_PROCESS_HOOK() {
 
  TARTARUS_POST_PROCESS_HOOK() {
 
  echo "du" | /usr/bin/lftp -u "$STORAGE_FTP_USER,$STORAGE_FTP_PASSWORD" "$STORAGE_FTP_SERVER" | awk -v LIMIT=100 '$2=="." {print ((LIMIT*1024*1024)-$1)/1024 " MiB backup space remaining"}'
 
  echo "du" | /usr/bin/lftp -u "$STORAGE_FTP_USER,$STORAGE_FTP_PASSWORD" "$STORAGE_FTP_SERVER" | awk -v LIMIT=100 '$2=="." {print ((LIMIT*1024*1024)-$1)/1024 " MiB backup space remaining"}'
 
  }
 
  }
 +
 +
In order to always get a reliable value, we recommend that you use Robot to display the amount of occupied backup space.
  
 
[[Kategorie:Dedizierte Server]]
 
[[Kategorie:Dedizierte Server]]

Aktuelle Version vom 3. Juli 2019, 12:06 Uhr

Inhaltsverzeichnis

Backup Space

All dedicated/virtual server customers can order backup space with their dedicated root servers or virtual servers. If you as a customer have backup space, you can only access it from within the Hetzner network. You can use any server located at Hetzner to connect to the backup space.

You can see an overview of the backup space sizes and prices in the table below.

Backup Space Monthly price
100 GB* €2.90*
500 GB €4.90
1,000 GB €7.90
2,000 GB €9.90
5,000 GB €21.90
10,000 GB €39.90

Customers with dedicated root servers with prices at or higher than €39 a month can get 100GB of backup space free of cost.

Prices shown here do not include VAT. Click here to see what VAT you should pay.

Ordering backup space

You can order backup space via your account on Robot. Under "Main Functions" -> "Server", select the server and then open the tab "Backup". Here you can order different sizes of backup space, and you can upgrade or downgrade your current backup space.

Backup space operations on Robot

Under the "Backup" tab of your server on Robot, you can do the following:

  • Order backup space
  • Upgrade/downgrade backup space
  • Delete backup space
  • Generate a new password
  • Graphically display the current amount of space used (updated every 10 minutes)

Resilience/Reliability

The backup accounts are protected by a RAID array, which can tolerate a failure of several hard disks. Thus the chance of data loss is relatively small. Please note, however, that you are still responsible for your data and that Hetzner provides no guarantees whatsoever regarding possible data loss. The data is not mirrored on other servers.

In addition, checksums for the individual data blocks are used to detect and correct bit errors.

General Notes

The upload speed for backup space is dependent on how many other clients are simultaneously accessing the same backup server. Consider running your backups at another time if you experience performance problems.

It is important to use the DNS names assigned to your backup space (<username>.your-backup.de) instead of the underlying IP address, as the IP address can change.

There is a connections limit: 10 connections per account.

Important reminders

Please note that the executable right is required for the home directory. If you remove the executable right, you will not longer be able to log in.

Please also note that FTP and SAMBA connections may be unencrypted in some circumstances. Some Windows versions and FTP clients, however, use encryption by default. Instructions on how to encrypt your SAMBA connection can be found here.

Using CNAME records for the assigned DNS name does not work with WebDAV.

Before using any of the services listed below, please check your Robot account to see whether or not the setting is activated.

Use Robot to generate the password for your backup account. Robot will only display the generated password once. You cannot use your password for Hetzner Accounts for your backup account.

Restriction

It is not possible to create the folders "/etc" or "/lib" on the backup space.

Useful software

Accessing Backup Space

Overview

Please note that the username u00000 is only used as example. Please replace it with the username of your backup space.

Protocol Address Username Port
FTP / FTPS u00000.your-backup.de u00000 21
SFTP / SCP u00000.your-backup.de u00000 22
Rsync / BorgBackup / SFTP / SCP* u00000.your-backup.de u00000 23
SMB / CIFS* Windows:
\\u00000.your-backup.de\backup
Linux:
//u00000.your-backup.de/backup
u00000 445
HTTPS / WebDAV*
https://u00000.your-storagebox.de
u00000 443


* This service can be activated without charge in the Robot

FTP/FTPS

You can access your backup space by means of FTP. Please use the host names assigned to you (<username>.your-backup.de) as well as your username and password. Important note: FTP connections are not encrypted. Only FTPS (FTP+TLS) is encryped.

Active and passive modes

FTP protocol is based on two connections: one connection via port 21 for all commands and a second connection for the transferred file content. For the second connection, a distinction is made between active and passive mode.

In the active mode, the backup server tries to establish the connection to the client (Server -> Client). However, this can be blocked by a firewall of the client, and then a timeout occurs.

The passive mode can be used as a solution. The client establishes a connection to the server (Client -> Server). The activation of the passive mode differs between different client programs. Therefore, please refer to your program's help menu.

Instructions

Windows

In Windows, you can add your backup space as a network address via FTP as follows:

  1. Open Windows Explorer.
  2. Windows 7: Click on "Computer" and then on "Add network address" above.
    Windows 8/10: Click on "This PC". Then click on "Computer" above and then on "Add network address".
  3. In the dialog window that appears, click twice on 2 "Next".
  4. Now enter "ftp://<username>.your-backup.de" in the text field and then click on "Next".
  5. Remove the checkmark next to "Login anonymously" and enter the name of your backup account.
  6. Click 2 more times on "Next" and then on "Complete".
  7. In the window that opens, enter your username and password. You can also choose to save your password in Windows.
  8. After you click on "Log in", you will be able to access your backup space by going to "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

Software

Please note that there is only a limited selection of software that can be used for this protocol.

Windows

  • Windows Explorer
  • FileZilla
  • WinSCP

Linux

  • FileZilla
  • ftp
  • ncftp
  • lftp

SFTP/SCP

You can access your backup space by means of SFTP and SCP. This method of accessing your backup space is completely encrypted.

Public Key Authentication

For SFTP/SCP it is possible to authenticate yourself with a public key. You can find more information for how to do this, as well as an example, on the following wiki page: Backup Space SSH Keys.

Connection Error

11: Application Error

If you receive this error when trying to connect via SFTP or SCP, then this could be the result of SSH key forwarding being activated. Please deactivate this for the backup space, and try connecting again.

Software

Please note that there is only a limited selection of software that can be used for this protocol.

Windows

  • WinSCP (SFTP)
  • FileZilla (SFTP)

Linux

  • scp
  • sftp
  • FileZilla (SFTP)

SAMBA/CIFS

You have the option of linking your backup space with Samba/CIFS. To do so, you can use the following UNC path.

If you are using your main account, the share name is backup.

Linux/Unix:

//<username>.your-backup.de/<share name>

Windows

\\<username>.your-backup.de\<share name>

Instructions

Linux

With Linux, you can use the following command from the command line to integrate the backup space in the local file system:

mount.cifs -o user=<username>,pass=<password> //<username>.your-backup.de/backup /PATH/FOLDER

You can also use the following line in /etc/fstab to automate the mount at each system start. (It is a single line!)

//<username>.your-backup.de/backup /mnt/backup-server       cifs    iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770 0       0

The file /etc/backup-credentials.txt (mode 0600) should contain two lines as follows:

username=<username>
password=<password>

On Debian-based distributions, the command is provided via the cifs-utils package.

apt-get install cifs-utils

On Debian Wheezy based systems, edit the parameters as follows if you are having problems:

rsize=65536,wsize=130048

You should also add the following lines to /etc/rc.local:

modprobe cifs
echo 0 > /proc/fs/cifs/OplockEnabled

FreeBSD

On FreeBSD, you can mount the backup space as follows:

Add the following line to /etc/fstab

//<username>@<username>/backup /mnt/backup-space smbfs rw,-N 0       0

Replace username with the Robot-assigned username. Also you need to use 'mkdir' to create /mnt/backup-space if it does not already exist.

Add the following lines to /etc/nsmb.conf

[<username>]
charsets=UTF8:cp850
addr=<username>.your-backup.de
[<username>:<username>]
password=$crypt-string

Create the crypt-string with 'smbutil crypt'.

In FreeBSD 10.1, the necessary packages are already pre-installed.

Windows

In Windows, use the following instructions to connect your backup space as a network drive with its own drive letter:

  1. Open Windows Explorer.
  2. Windows 7: On the left, click on "Computer" and then at the top on "Map network drive".
    Windows 8/10: On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
  3. In the new dialog, select a network drive letter of your choice and enter „\\<username>.your-backup.de\backup“ for the folder. Enter a check next to "Reconnect at login" if you want to automatically establish a connection upon starting the system.
  4. When you are asked for login information, you should here enter the username and password you used for your backup space. You also have the option of saving the login information in Windows.
  5. The setup of your backup space as a network drive is now finished and can be found as separate drive under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

Error with files larger than 4 GB

If there are errors when copying files that are 4 GB or larger, then it can help to deactivate caching. To do so, the backup space must be mounted with the extra parameter '-o cache=none'.

Encrypt SAMBA connection

To encrypt a SAMBA connection, add the following option to your mount command: seal

Example:

mount.cifs -o seal,user=<username>,pass=<passwort> //<username>.your-backup.de/backup /PATH/FOLDER

Please note that this feature is only available in newer Linux versions (e.g. starting with Ubuntu 18.04).

WebDAV

You can access your backup space by using WebDAV; it is encrypted through this connection.

By default, WebDAV is deactivated for your backup space. You can activate it for free via Robot. Please note that it can take a few minutes after the activation before your backup space will be accessible via WebDAV.

Unfortunately, the WebDAV protocol does not support the output of the available memory and it may produce false values. Please use sftp instead as is described in Determining available memory.

With Windows servers, it may be necessary to install the "Desktop View" or "Desktop Experience" feature.

Instructions

Linux

To create a link to the WebDAV directory, use the following command:

mount -t davfs https://<username>.your-backup.de /MOUNTPOINT

By adding the following line to /etc/fstab, your system will automatically mount the file system at boot:

https://<username>.your-backup.de /MOUNTPOINT davfs rw,uid=<system_user>,gid=<system_group>,file_mode=0660,dir_mode=0770,_netdev 0 0

To automatically mount the WebDAV directory, enter the following line in the file /etc/davfs2/secrets:

https://<username>.your-backup.de <username> <password>

In Debian-based distributions, the command davfs is provided via a package of the same name:

apt-get install davfs2

Windows

In Windows, use the following instructions to connect to your backup space via WebDAV:

  1. Open Windows Explorer.
  2. Windows 7: On the left, click on "Computer" and then at the top on "Map network drive".
    Windows 8/10: On the left, click on "This PC". And then at the top click on "Computer" and then on "Map network drive".
  3. Click on "Connect to a web site that you can use to store your documents and pictures".
  4. In the new assistent, click on "Next".
  5. Select "Choose a custom network location" and click on "Next".
  6. Under "Internet or network address" enter the address of your backup space with the protocol https (For example: https://<username>.your-backup.de) and click on "Next".
  7. Now you can assign a new name for the network address under the one that should be visible in Windows. Then, click on "Next".
  8. Now click on "Finish".
  9. Now enter the user name and password of your backup space in the login dialog.
  10. The setup of your backup space as a network address is now finished. You can now find it under "This PC" (Windows 8.1/10) or "Computer" (Windows 7/8).

SSH / rsync / BorgBackup

You can access your backup space via an SSH connection to use rsync and BorgBackup there. Use port 23 to access your backup space for this purpose.

To create an SSH connection on your backup space, first select the correct backup space on your account on Robot and then activate the SSH support setting for it.

Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page Backup Space SSH Keys.

Important note: For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your backup space. Do not save the key in RFC4716 format. For a more detailed guide, please see our Wiki page Backup Space SSH Keys.

Please also note that only the directory /home/ is writable on the backup space. To address directories or files on the backup space, we therefore recommend that you use relative paths. For example, to download the file /server1/full_backup.tar.gz from the backup space, you can use the following file paths:

server1/full_backup.tar.gz
./server1/full_backup.tar.gz

Interactive SSH access is not allowed.

BorgBackup

With BorgBackup, you can save encrypted and duplicate backups on your backup account. You can find a guide for how to do this at BorgBackup/en.

rsync

You can use rsync to synchronize the current state of your file directories to your backup space. For example, to synchronize a local directory to the backup space, you can use rsync as follows:

rsync --progress -e 'ssh -p23' --recursive <local directory> <username>@<username>.your-backup.de:./<target directory>

To re-download a directory from the backup space, you only need to swap the directories:

rsync --progress -e 'ssh -p23' --recursive <username>@<username>.your-backup.de:./<directory> <local directory>

Please note that it is not possible to customize the user and group ID of the uploaded files.

SCP via port 23

You can also use SCP via port 23. To upload a file via SCP, you can execute the following command:

scp -P 23 <local file> <username>@<username>.your-backup.de:<remote file>

To download the file again, you only have to swap the target and source files:

scp -P 23 <username>@<username>.your-backup.de:<remote file> <local file>

SFTP

Accessing your backup space via SFTP is similar to accessing it with an FTP client. To start an SFTP session, please execute the following command:

sftp -P 23 <username>@<username>.your-backup.de

You can then upload files using put and download them using get. With ls you get a directory listing:

sftp> put 100MB.file
Uploading 100MB.file to /home/100MB.file
100MB.file                           100%  100MB  78.7MB/s   00:01
sftp> ls -ahl
drwxr-xr-x    0 12345      12345     16B  Mar 28 10:55 .
dr-x--x--x    0 0          0         10B  Mar 27 12:16 ..
-rw-r--r--    0 12345      12345     100M Mar 28 11:34 100MB.file
sftp> get 100MB.file
Fetching /home/100MB.file to 100MB.file
/home/100MB.file                     100%  100MB 110.6MB/s   00:00
sftp> quit

IPv6

You can also reach your backup space under the same DNS name via IPv6.

Determine available backup space

To find out how much backup space is still available (be it in backup scripts or status emails), you can use the 'sftp' program:

apt-get install sftp
echo "df"     | sftp <username>@BACKUPSERVER
echo "df -h"  | sftp <username>@BACKUPSERVER
echo "df -hi" | sftp <username>@BACKUPSERVER

Under certain circumstances, lftp can return wrong values; therefore it is better to use the variant with sftp. Below is the variant with lftp:

# apt-get install lftp
# echo du -hs .  \
| lftp -u <username>,<password> BACKUPSERVER

You can also embed the command in Tartarus using a hook. To do this, insert the following lines into the Tartarus configuration:

TARTARUS_POST_PROCESS_HOOK() {
echo "du" | /usr/bin/lftp -u "$STORAGE_FTP_USER,$STORAGE_FTP_PASSWORD" "$STORAGE_FTP_SERVER" | awk -v LIMIT=100 '$2=="." {print ((LIMIT*1024*1024)-$1)/1024 " MiB backup space remaining"}'
}

In order to always get a reliable value, we recommend that you use Robot to display the amount of occupied backup space.



© 2019. Hetzner Online GmbH. Alle Rechte vorbehalten.