Did you make up your mind, how you are going to tackle this?
yes tailscale to make the vpn connection. it just works, took me 1 min per omv, so less than 5 min
Did you make up your mind, how you are going to tackle this?
yes tailscale to make the vpn connection. it just works, took me 1 min per omv, so less than 5 min
on my server i have created users and folders
i then found this guide for borgbackup: https://www.techrepublic.com/a…backup-over-your-network/
it explains the remote part pretty good but one thing i miss is how to automate it so that i dont have to enter a ssh password
if i change
to
it will still ash for password
same thing if i try to ssh
jack:password@192.168.1.90
it ask for user password
will try and google and see if i find a way to do it automatic without ssh keys
EDIT: found a guide on creating keys, will try that first
that present a problem.... i only have ssh root login and i created my friends name as the login on my server
so of course i need to login to his box as him to make the keys
Hi,
I apologize that I did not read through all the posts in the thread so this might have already be mentioned:
1) You can get a <3€/month very small VPS from a hoster to run a VPN server (like wireguard). Connect from both your NASes to this server and they are in the same network.
2) (my approach) Use syncthing (https://syncthing.net/) to synchronize between both NAS. You can use a local borg-backup (encrypted) and sync this backup folder via syncthing. Syncthing works if one of your server is reachable.
(I have a small PI with an external hard drive at my parents home which only stores encrypted backups via syncthing.
1) You can get a <3€/month very small VPS from a hoster to run a VPN server (like wireguard). Connect from both your NASes to this server and they are in the same network
no problem.. i found tailscale that offers a free option for us
Use syncthing (https://syncthing.net/)
that might be an option, borg backup is ok, but the problem is that without ssh keys it will ask for a password
but syncthing is nice fallback if i can get the ssh keys to work, i just need my friend to wake up first before we go to that step
2) (my approach) Use syncthing (https://syncthing.net/) to synchronize between both NAS
I never thought of syncthing for this case, it's a good note. Syncthing can sync remotely via external servers, maybe it can go through CGNAT directly, not sure about that, but it would be good to find out.
Did you set up passwordless ssh?
In the directory ~/.ssh/authorizes_keys on the remote side put the public key of the user tryingto connect.
ssh-copy-id -i ~/.ssh/mykey user@your_friends_host
You use borg via command line or use OMV. In the later case OMV needs to know your key.
Did you set up passwordless ssh?
no i need to do that first, my friend to not have time before tomorrow
i wanted to avoid ssh keys but it seems its the only way it can be done
You use borg via command line
i plan to use command line and run a small bash script with the scheduled jobs inside omv
once the backup work we would only need to change how often it runs, hence the scheduled jobs inside omv
i have these 2 guides ready:
https://linuxize.com/post/how-…p-passwordless-ssh-login/
https://www.techrepublic.com/a…backup-over-your-network/
Do not use RSA key type these times, use ed25519 or ecdsa if you trust the NSA.
Do not use RSA key type these times, use ed25519 or ecdsa if you trust the NSA.
hehe, i'm not super paranoid and i could not care less about NSA
the only reason for encryption is so that i cant look at my friends data and the other way round
and my time is to valueable that i would not even spend 1 min trying to crack the encryption
we just want a simple setup that works
The ssh key is used to log into the server by ssh, not for encrypting the data. But if you do not care, who is logging into your server ...
Btw. NSA designed the ecdsa algorithm
ahh, if someone else see this and wonder of an easy way to handle the mounting of remote folders
the remote mount plugin of course
To use this plugin you must share the folders in samba. If you do that, you expose the shared information to a ramsonware attack and you can end up with your folder encrypted by a virus.
It is safer not to share that folder in samba and to use an rsync target.
ahh, if someone else see this and wonder of an easy way to handle the mounting of remote folders
the remote mount plugin of course
If all you want do do is have access use a reverse ssh tunnel and use sshfs as file access.
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!