
client portion of remote zfs pool backup

  • Uses hardened ssh access
  • Uses a geli encrypted zvol to receive the pool
    • the geli zvol is only used on demand, the backup pool is imported but not mounted
    • using geli also allows for having a zpool on a zvol which is normally not possible

ssh configuration

Add the following to your sshd configuration. The connection comes from a jail that functions as an intermediate agent.

Match user root Address 2a10:3781:3e9:1::da7a:caf3
    AllowTcpForwarding no
    ForceCommand /root/zfs-receive.sh
    PermitRootLogin prohibit-password
    PermitTTY no
    X11Forwarding no
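
A Match block that fails to apply leaves root with the global defaults, so it is worth checking what sshd resolves for this connection. The script below is an added example, not part of this repository: `check_backup_match` is a hypothetical helper and both sample dumps are constructed.

```sh
# Added example (not from the repository): check the effective sshd settings
# for the backup agent. On the receiving host, as root, pipe in:
#   sshd -T -C user=root,addr=2a10:3781:3e9:1::da7a:caf3
# sshd -T prints one lowercased "keyword value" pair per line.
# Constructed sample dumps, trimmed to the relevant keywords:
SAMPLE_HARDENED='allowtcpforwarding no
forcecommand /root/zfs-receive.sh
permitrootlogin without-password
permittty no
x11forwarding no'
SAMPLE_DEFAULT='allowtcpforwarding yes
forcecommand none
permitrootlogin no
permittty yes
x11forwarding no'

# check_backup_match (hypothetical helper): reads a dump on stdin and
# returns the number of settings that differ from the Match block.
check_backup_match() {
    dump=$(cat)
    fails=0
    # "keyword|accepted[|accepted...]"; sshd -T may report prohibit-password
    # under its older alias without-password, so both are accepted.
    for want in \
        "allowtcpforwarding|no" \
        "forcecommand|/root/zfs-receive.sh" \
        "permitrootlogin|prohibit-password|without-password" \
        "permittty|no" \
        "x11forwarding|no"
    do
        key=${want%%|*}
        accepted=${want#*|}
        got=$(printf '%s\n' "$dump" |
            awk -v k="$key" '$1 == k { $1 = ""; sub(/^ /, ""); print; exit }')
        ok=0
        old_ifs=$IFS; IFS='|'
        for a in $accepted; do
            if [ "$got" = "$a" ]; then ok=1; fi
        done
        IFS=$old_ifs
        if [ "$ok" -eq 1 ]; then
            echo "ok    $key $got"
        else
            echo "FAIL  $key: got '${got:-unset}', want $accepted"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}
```

A non-zero return is the count of settings that did not match, so the check can gate a deployment or run from cron after sshd configuration changes.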