HowTo: Encrypted Bandwidth-Efficient Linux Backup Powered by Duplicity

If you are looking for another backup linux utility that supports GnuPG encryption mechanism over file and folder data backup and transfer, read on.

Duplicity backs up directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification from the backup server destination or location.

Duplicity supports incremental backup of files and director folders by doing encryption mechanism with GnuPG and uploading them to a remote/local backup file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon S3 have been written.

Currently duplicity supports deleted files, full unix permissions, directories, symbolic links, fifos, device files, but not hard links. The duplicity package also includes the rdiffdir utility. Rdiffdir is an extension of librsync's rdiff to directories. Rdiffdir can be used to produce signatures and deltas of directories as well as regular files.

Duplicity Installation
Duplicity rpm package is available from Fedora package, thus can be installed using yum like so

# yum -y install duplicity

Duplicity Binary Usage
Here is a basic backup command, which causes duplicity to use scp/ssh to back up /home/vertito from the local system to /usr/backup on another remote host.

# duplicity /home/vertito scp://username@remote.host.com//usr/backup

If the above command is run on repeated basis, the first session will be a full backup, and subsequent ones will be incremental. The --full option can be used to force a full backup.

Now, to exclude a particular folder like /tmp directory folder, this can be done like so

# duplicity --full --exclude /tmp /home/vertito scp://username@remote.host.com//usr/backup

Using duplicity to backup via FTP authentication
# FTP_PASSWORD=mypassword duplicity /home/vertito ftp://username@remote.host.com/ftp_dir


Duplicity Backup Restore
Restore the /home/vertito directory backed up with scp above to directory restored_dir location:

# duplicity scp://username@remote.host.com//usr/backup restored_dir

Quite handy also for bloggers trying to do backup and restore to and from remote locations.

That is all, enjoy.

Related Articles
Linux Backup powered by Rdiff-Backup
Linux Backup powered by RSync
Linux Backup powered by Tar
Linux Backup powered by RSnapShot