Monthly Archives: March 2015

Admin Admin Podcast #018 – Backups, Backups, Backups

This week we talk about why it’s important to have a backup plan.

Differential backups were the next step in the evolution of backup strategies. A differential backup backs up only the files that changed since the last full backup. For example, suppose you do a full backup on Sunday. On Monday you back up all the files that have changed since Sunday, on Tuesday you back up all the files that changed since Sunday.

Incremental backups also back up only the changed data, but they only back up the data that has changed since the last backup, even if that was an incremental backup, so if you only do a full backup on a Sunday, and you need to restore something on a Friday, you would likely need to restore Sunday+Mon+Tue+Wed+Thursday.

Reverse differential backups are interesting. Your most recent differential backup gets integrated into your full backup, pushing the changes out of the full. The next differential does the same. This means you can do a bang up to date restore from only the most recent backup. But you can still restore previous versions of files from the reverse diff files that were created. You need to tell your backup software to keep only a certain number of the reverse diff files, dependent upon the amount of storage you can allocate to backups.

Admin Admin Podcast #017 – Bits and Bobs

This week we don’t have a show topic, so instead just enjoy our ramblings about what we have been up to:

SSH / SCP / Public Private keys

Public key authentication is a key-based authentication method of authentication instead of using password authentication, which means you don’t have to give away system passwords to third parties.

Public key pair consists of two parts – a public key and private key. The private key sits on the device/server which you are connecting from (in my case the client/customers who are sending
files by FTP to my server).The public key from that client sits on my server and is assigned to users accounts who dial in to transfers their files. When the remote server connects it sends a message encrypted with the private key. My server decrypts the message with the public key to confirm the remote server is who it is saying it is and that the message which was sent was encrypted with the private key of the remote server.

The first time an SFTP client connects to an SFTP server, The SFTP server presents its SSH host key fingerprint before the Public Key authentication happens. Usually the SFTP application prompts the usages to save this fingerprint to a known host file. So that every time the SFTP clients connects to the SFTP server it compares this fingerprint with the fingerprint which the SFTP client sends. This confirms that SFTP client has connected to this SFTP server in the past and it knows to trust it.  As some SFTP clients are automated processes they can’t automatically add the host fingerprint to its own host file. The client might request a copy of the host fingerprint so they can manually add it to their known host file.