Documentation changes for remote backups

This commit is contained in:
Bob Mottram 2015-11-03 15:47:44 +00:00
parent 6823dd3865
commit 7f1a795ece
1 changed files with 18 additions and 37 deletions

View File

@ -10,12 +10,12 @@
#+BEGIN_CENTER #+BEGIN_CENTER
#+ATTR_HTML: :border -1 #+ATTR_HTML: :border -1
| [[file:index.html][Home]] | | [[file:index.html][Home]] |
| [[Backup keys]] | | [[Backup keys]] |
| [[Backup to USB]] | | [[Backup to USB]] |
| [[Restore from USB]] | | [[Restore from USB]] |
| [[Distributed backups]] | | [[Distributed/remote backups]] |
| [[Restore from a friend]] | | [[Restore from a friend]] |
#+END_CENTER #+END_CENTER
* Backup keys * Backup keys
@ -64,16 +64,19 @@ If this is a new Freedombone installation then you will first need to restore yo
Select /Backup and Restore/ then /Restore data from USB drive/. Select /Backup and Restore/ then /Restore data from USB drive/.
Enter the LUKS password for the USB drive. When the restore is complete you can remove the USB drive. Enter the LUKS password for the USB drive. When the restore is complete you can remove the USB drive.
* Distributed backups * Distributed/remote backups
Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised. Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the *adduser <username>* command when logged in as root and then give you the username and password via a secure method, such as on paper or via an encrypted email or via an XMPP chat using OTR. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you. Firstly you will need to have a user account on one or more of your friends servers. They don't necessarily need to be using Freedombone, just some version of GNU/Linux with ssh access. They can create a user account for you with the control panel on a Freedombone system or with the *adduser <username>* command on any other system when logged in as root and then give you the username and password via a secure method, such as on paper, via an encrypted email, Tox or via an XMPP chat using OTR. Make sure that the password used is a strong one - preferably a long random string stored in a password manager - so that dictionary attacks will not be easy. Also for maximum resilience put your password manager file onto a USB thumb drive and carry it with you.
#+BEGIN_SRC bash #+BEGIN_SRC bash
ssh username@domainname -p 2222 ssh username@domainname -p 2222
freedombone-remote su
control
#+END_SRC #+END_SRC
Select /Backup and Restore/ then /Configure remote backups/.
You can then enter the usernames, domains and ssh logins for one or more remote servers. The system will try to backup to these remote locations once per day. You can then enter the usernames, domains and ssh logins for one or more remote servers. The system will try to backup to these remote locations once per day.
* Restore from a friend * Restore from a friend
** With a completely new Freedombone installation ** With a completely new Freedombone installation
@ -83,34 +86,15 @@ First log in and if you don't already have one then create a new friends list:
#+BEGIN_SRC bash #+BEGIN_SRC bash
ssh username@domainname -p 2222 ssh username@domainname -p 2222
freedombone-remote
#+END_SRC
Configure the remote server login details.
Now become the root user:
#+BEGIN_SRC bash
su su
control
#+END_SRC #+END_SRC
Plug in the USB drive containing the backup key and restore it. Select /Backup and Restore/ then /Restore GPG key from USB (master keydrive)/. Select the username then plug in your keydrive and restore the key.
#+BEGIN_SRC bash Now select /Configure remote backups/ and configure the locations and logins for the remote server.
freedombone-recoverkey -u [username]
#+END_SRC
Or on a Beablebone Black: Finally select /Restore from remote backup/ and enter the domain name of the remote server that you wish to restore from.
#+BEGIN_SRC bash
freedombone-recoverkey -u [username] -d sda
#+END_SRC
Then use the command:
#+BEGIN_SRC bash
restorefromfriend <friends server domain name>
#+END_SRC
** On an existing Freedombone installation ** On an existing Freedombone installation
This is for more common situations in which maybe some data became corrupted and you want to restore it. This is for more common situations in which maybe some data became corrupted and you want to restore it.
@ -119,10 +103,7 @@ Log in as root:
#+BEGIN_SRC bash #+BEGIN_SRC bash
ssh username@domainname -p 2222 ssh username@domainname -p 2222
su su
control
#+END_SRC #+END_SRC
Then use the command: Select /Backup and Restore/ then /Restore from remote backup/ and enter the domain name of the remote server that you wish to restore from.
#+BEGIN_SRC bash
restorefromfriend <friends server domain name>
#+END_SRC