# Full backup from remote to local without using root

## pavel.stratil

Hi everyone,

I'd like to pull backups from a server to my desktop via a cronjob. For security reasons, root login is disabled on the server. My desktop's IP address changes over the time. Sofar I've been using rdiff-backup with

```

rdiff-backup --remote-schema 'ssh -C -p1234 %s nice sudo /usr/bin/rdiff-backup --server --restrict-read-only /'  backup@remotehost::/source /local/dest ;

```

to do that. After rdiff-backup has been dropped from the tree, I've been looking for a replacement at https://wiki.thingsandstuff.org/Backup ... I found obnam, duplicity, bup, attic, and unison interesting/partially covering what I need, but actually have a problem on replicating rdiff-backups functionality and have all the beauty of:

- pull complete backup snapshots from remove host (incl. the the /root folder)

- transfer only the delta over a secure channel (i.e. ssh)

- automatic deduplication

- remove older snapshots, mounting snapshot

- keep file permissions and attributes intact

- have a tool simple to set up

does anyone have a tip on how that can be replicated with rdiff-backup alternatives? Is there a way how achieve this somehow with some tunneling magic?

Thanks in advance!

----------

## The Doctor

I think you should look into using rnsapshot It is easy to configure, and works over ssh although I have not used this capability. I believe it fulfills all the requirements you listed.

----------

## deefster

The Doctor is right, rdiff-backup is deprecated, and rsnapshot works very well.  

The only caveat with it is it needs to pull.  In my case, I'm backing up to a linux-based NAS (hacked stora), so I just setup the cron there with ssh keys.  I do connect as a non-root user, so it is possible.

If the pull thing is an issue for you, and you have the local space, you can backup locally first, and copy that off to your remote location.

----------

## szatox

If you want to backup the whole host, and not only your files, you must have full access. This is what root is for.

So, there aer a few possible ways to handle it.

You can login using public key authorisation rather than password.

You can login to a user account and escalate permissions with su/sudo

You can run some daemon that would have read access to everything and let you copy it. Well, doesn't seem to be a good idea, but you CAN do it.

In case of virtual machines you can also take a snapshot and use it for external backup rather than internal one. In this case limited access to host system is enough.

----------

