backing up vpopmail with rsync and ssh non standard port

this is for redhat and friends using openssh from rpm.
backup server is the server where we want to put the backup files.
remoteserver is the server where the vpopmail is.
backup server pulls data from remoteserver.

on backup server as root:

$ssh-keygen -t dsa -b 1024 -f /root/.ssh/rsync-key

just press enter for passphrase

$cd /root/.ssh
$scp /root/.ssh/rsync-key.pub root@remoteserver:/root/.ssh/

on remoteserver as root :

$cd /root/.ssh
$touch authorized_keys
$chmod 600 authorized_keys
$cat rsync-key.pub >> authorized_keys
$rm rsync-key.pub
$vi /etc/ssh/sshd_config

add or change as these :
PermitRootLogin forced-commands-only
AllowUsers root

save and exit

$service sshd restart
$vi /root/.ssh/rsync-only

add these lines :

#!/bin/sh
logger -t ssh-command “$SSH_ORIGINAL_COMMAND”
echo $SSH_ORIGINAL_COMMAND > /tmp/work.$$
if ! grep -q ‘^rsync –server ‘ /tmp/work.$$
then
logger -t rsync-key INVALID COMMAND “\”$SSH_ORIGINAL_COMMAND\”"
exit 1
fi
rm /tmp/work.$$
exec $SSH_ORIGINAL_COMMAND

save and exit

$chmod 755 /root/.ssh/rsync-only
$vi authorized_keys

change this :
ssh-dss AAAAB3NzaC1ksdfjskdjfkdjsdjas…..etc

to this :
command=”/root/.ssh/rsync-only” ssh-dss AAAAB3NzaC1ksdfjskdjfkdjsdjas…..etc

on backup server as root :

$vi /etc/crontab
add this line (all in one line) to backup every wednesday at 4 am :

0 4 * * 3 root rsync -aS –delete -e “ssh -i /root/.ssh/rsync-key -p 222″ root@remoteserver:/home/vpopmail/domains /home/mail/cron

save and exit

remote server is using non standard ssh port. that’s what -p 222 is for.

$service crond restart

references:
http://goodcleanemail.com/index.php?option=com_content&task=view&id=45
http://www.qmailinfo.org/index.php/ExampleRsyncScripts
http://qmail.jms1.net/backup.shtml