Backing up Ubuntu laptop to Ubuntu Server with passwordless rsync

Posted on Wed 26 September 2018 in Technical Solutions


The server has been running for almost nine months. It's been backing up family data and pictures from phones without any problems. Now it's time to back up the laptop because I have the space and really should make sure the stuff that isn't work related (ie. the stuff that is in the work git repositories) is also backed up.

Enter rsync.

How To

My goal is to automatically back up my home directory from the laptop to the server on a daily basis. This will provide a once a day backup and if I need to do more than that in the future, it will be as easy as modifying the final cronjob that I'll use.


The first step is setting up an SSH key so that I don't have to manually provide a password. I can, in the future, add restrictions on the server side as to what this particular key will be able to do too. I'm not doing that today though, because I don't open SSH to the outside world.

The first thing to do is generate a new key. I already have an SSH key configured, but it has a password. On the laptop, run the following:

ssh-keygen -t rsa -b 2048 -f ~/.ssh/laptop-rsync-key

When asked to enter a passphrase, simply press enter and then enter again to confirm the empty passphrase.

This will put laptop-rsync-key and in my user's .ssh/ directory.

Copy the public key to the server

Next, we need to copy the public key that was just generated to the server.

scp ~/.ssh/ andy@

Once it's been copied, log into the server. Now you need to add this key to the authorized_keys.

cd ~/.ssh
cat >> authorized_keys

rsync command

The final command to back up my home directory is pretty simple. This command is going to tell rsync to use the new SSH key that was just created, to exclude all dot files and directories, and to delete anything that has been removed on the laptop from the server. The backup will go in ~/backup/laptop on the server.

rsync -a -e "ssh -i ~/.ssh/laptop-rsync-key" ~/ andy@nas:~/backup/laptop --exclude=".*" --exclude=".*/" --delete

Once I confirmed this worked, I added it to my user's crontab on the laptop. It will run once a day now.

Next steps

The next steps I'll take be taking are to restrict the new SSH key on the server to only allow it to perform rsync tasks. This can be done by slightly modifying the appropriate line in authorized_keys. I'll see how this daily, single, back up works for a while. If I need to, I may change it to a rotating weekly backup. I don't forsee that right now, but I need a few weeks of seeing how this works and if the single day is good enough.

- is a father, an engineer and a computer scientist. He is interested in online community building, tinkering with new code and building new applications. He writes about his experiences with each of these.