Configuring a BackupPC Linux Client

You can use the provided bash shell script (you’ll have to add your server’s SSH Public Key to it):

Or do it manually, as depicted below.

First you must create the BackupPC User for the server to be able to copy files.

# Create the BackupPC User
adduser backuppc --disabled-password
# Ensure it has no password access (only logon with ssh key)
passwd -l backuppc

If you do not have these dependencies installed, install them.

apt update -y && apt install sudo rsync

Add your backuppc user to the sudoers (only allow the rsync command)

# Create the file
touch /etc/sudoers.d/backuppc

# Use the correct permissions on the file
chmod 440 /etc/sudoers.d/backuppc

# Add the command to your sudoers
echo -e "backuppc ALL=NOPASSWD: /usr/bin/rsync * \n" > /etc/sudoers.d/backuppc

# Check that it parses properly
visudo -c

Now create the .ssh directory in /home/backuppc and copy the server’s ssh public key.

In the server:

# Do a cat of the public key
cat /var/lib/backuppc/

In the client:

# Create the directory
mkdir /home/backuppc/.ssh

# Copy your key to the authorized_keys file
echo $key > /home/backuppc/.ssh/authorized_keys

# Ensure known_hosts exists
touch /home/backuppc/.ssh/known_hosts

# Ensure the correct ownership and permissions
chown -R backuppc:backuppc /home/backuppc/.ssh
chmod 700 /home/backuppc/.ssh
chmod 600 /home/backuppc/.ssh/*

# Do a keyscan of the server
backuppc_server_ip="" # Use the IP your server has
ssh-keyscan "$backuppc_server_ip" >> /home/backuppc/.ssh/known_hosts

Also you will need to make sure that your Client SSH Server allows pubkey authentication.

# If you want you can put this in a bash script and execute it 
# or do it manually.

if [[ $(grep "#AuthorizedKeysFile" "$sshd_config_path") ]]; then
    echo "Enabled the AuthorizedKeysFile parameter in $sshd_config_path"
    sed -i "s/^#\(AuthorizedKeysFile.*\)$/\1/g" "$sshd_config_path"

Then go back to your server and do the following:

# Use your client IP here
sudo -u backuppc ssh $client_ip

# You should be logged into the client, you can exit immediately by
# writing "exit" or pressing CTRL+D

Then go to your BackupPC GUI and Add the host!