{"id":671,"date":"2014-08-08T10:33:01","date_gmt":"2014-08-08T13:33:01","guid":{"rendered":"http:\/\/blog.abratel.com.br\/?p=671"},"modified":"2014-08-08T10:33:01","modified_gmt":"2014-08-08T13:33:01","slug":"backup-pfsense-via-rsync","status":"publish","type":"post","link":"https:\/\/blog.abratel.com.br\/?p=671","title":{"rendered":"Backup pfsense via rsync"},"content":{"rendered":"<p>Purpose: remote backup the firewall<br \/>\nSolution: rsync+ssh backup<br \/>\nRequirements:<br \/>\n    rsync, ssh, shell (for both firewall + client)<br \/>\nSettings:<br \/>\n    firewall (192.168.1.1)<br \/>\n    backup client (192.168.1.9)<br \/>\n    pfsense: FreeBSD xyz.localdomain 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11<br \/>\nFIXME:<br \/>\n    security hole due to NON-password private RSA key<\/p>\n<p>Step 0: prepare non-password RSA key ==> for automatic proccess<br \/>\n   a. from client, use ssh-keygen to generate private\/public key without password<br \/>\n   b. put the private key to client => ~\/.ssh\/firewall<br \/>\n   c. put the public key to firewall => \/root\/.ssh\/authorized_keys (you can use web gui to update the key)<br \/>\n   Please try this step by yourself. Google it  <\/p>\n<p>Step 1: install rsync to firewall<br \/>\n    a. download FreeBSD-6.2.iso DISC2 and mount to somewhere. We will have rsync-2.6.8_2.tbz for freebsd-6.2<br \/>\n    b. Put `rsync-2.6.8_2.tbz` to the firewall (by web server from client or use webGUI to upload file)<\/p>\n<p>Or you may fetch this rsync from my server:<br \/>\nCode: [Select]<br \/>\nfetch http:\/\/kyanh.zapto.org:9999\/freebsd\/rsync-2.6.8_2.tbz<\/p>\n<p>    c. ssh login to firewall<br \/>\n    d. then install package:<br \/>\nCode: [Select]<br \/>\npkg_add rsync-2.6.8_2.tbz<\/p>\n<p>Step 2: modify the SHELL login message<br \/>\n   a. ssh login to the firewall<br \/>\n   b. empty the file .profile<br \/>\nCode: [Select]<br \/>\ncd \/root\/<br \/>\necho &#8221; > .profile<br \/>\n  This step is required, so that we can use rsync backup script from client. If you donot do this, the shell is INTERATIVE and rsync from client cannot do the backup routines<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Purpose: remote backup the firewall Solution: rsync+ssh backup Requirements: rsync, ssh, shell (for both firewall + client) Settings: firewall (192.168.1.1) backup client (192.168.1.9) pfsense: FreeBSD xyz.localdomain 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 FIXME: security hole due to NON-password private RSA key Step 0: prepare non-password RSA key ==>&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[10],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/671"}],"collection":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=671"}],"version-history":[{"count":1,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/671\/revisions"}],"predecessor-version":[{"id":672,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/671\/revisions\/672"}],"wp:attachment":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}