This guide shows how to add an SFTP backup destination to JetBackup.
Configuration
First make sure that you have the appropriate SFTP destination plugin installed and enabled.
When creating the Destination, you will be prompted to install the SFTP plugin and can click "Install Now" to install and enable the plugin. Be sure that you've created a new FTP user on the backup destination server before proceeding.
Next, fill in the Backup Directory with the path you'd like to store your backups, along with the Remote Host, SFTP port, Remote Username, and authentication details. If you'd like to use a SSH Private Key or SSH Private Key with passphrase, please ensure you've authorized key on the FTP users authorized_keys file on the destination first.
Next, click "Save" or "Apply" to save the destination.
An example SFTP Configuration page for the destination:
Specify a unique name for your destination. This will be used internally for your convenience.
This option allows you to add the destination as a "Read Only" destination. You can only restore and download existing backups from a read-only destination. Read Only is required if the Backup Directory is already owned by another destination/server. This option is only selectable upon creating the destination and will be automatically enabled for any destinations added during a Disaster Recovery.
Specify the owner for this destination. This grants the owner and its parent account(s) permission to modify and delete this destination. Please note that the owner specified will also need Can Manage Destinations permission granted under the Permissions section.
This option allows you to set the number of worker threads that can be used by the destination for upload/download/get/delete requests. This will be shared evenly across the number of Concurrent Tasks set for Backup or Restore/Download. As the tasks complete, the available threads will be allocated to the remaining active tasks up to the set limit. You can lower this value if you receive rate-limit errors from the remote destination.
This will be our starting point when accessing this destination. There are two ways to get to each directory: Relative and Absolute
Relative path "./" will point to the Absolute path of the SSH/Linux user home directory "/home/USERNAME"
Make sure that you always have the right permission to the path you're using.
Note: The absolute path must be unique and can not be used by two different Destination Configurations. If a backup directory is already owned by another JetBackup Destination, you may create a "Read Only" Destination to that path.
A simple hostname or IP address to access the remote backup server.
Your remote port. Default port is 21.
The remote user to login with. It is recommended to create a dedicated user for backups and not use root user.
The path to the private key.
SSH keys with or without a passphrase are supported. For optimal security, we recommend creating a SSH key with a passphrase. Please verify that the SSH Public Key is added to the remote user authorized_keys file before creating the destination.
Please review the following guide for instructions on creating a SSH key with password here.
Please visit the following links for specific instructions on how to generate Private keys for Rsync.net or Hetzner Storage Box.
Password for the provided FTP user.
Timeout for the connection. The default value is 30 (in seconds), you can increase this if the connection to the remote server is poor and you might face longer timeout issues.
Number of times JetBackup will attempt to connect to the destination. The default value is 3 Retries. You can increase this value but unsuccessful connections will be made longer.
The SFTP destination uses the OpenSSH sftp-server file transfer daemon. If you receive Error: Expected NET_SFTP_VERSION when creating the destination, please enable the sftp-server or internal-sftp subsystems in the remote destination's /etc/ssh/sshd_config in order to add the SFTP destination to JetBackup 5.
Example:
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
The SFTP destination will open up to 10 Connections per Backup Fork by default. The Maximum Concurrent Threads setting will determine the number of Connections per Backup Fork. If you encounter abnormally slow backups or retry errors, you may be reaching session/IO limits on the destination.
If your destination is returning rate limit errors, first try reducing the number of Maximum Concurrent Threads or the number of Concurrent Backup Tasks.
Otherwise, you can modify the "MaxSessions" and "MaxStartups" settings on the destination /etc/ssh/sshd_config to allow a higher volume of sftp-server processes to be opened on the destination and avoid rate limiting. For more information on these settings, please see the sshd_config manual.
Example:
MaxSessions 200
MaxStartups 1024