Configuring Backup

A one-time configuration is required before you run or schedule SCP backups. For other backup methods, this configuration is not required and you can directly schedule or run a backup.

Before you can use SCP backup for the first time, you must set up and test the SSH key on the appliance using the system keycopy CLI command. In a failover setup, you must perform the test on active and standby nodes.

Prerequisites

Before setting up and testing the SSH key, ensure that you meet the following requirements:
  • You must have the credentials and appropriate permissions to access a server that supports SCP, typically any UNIX or Linux system.
  • rsync must be installed on the backup server.
    Warning: The rsync version on the backup server must be higher or equal to the version running on the LogLogic LMI appliance. Otherwise, the backup process fails. To check the rsync version run the command: 
    rsync --version

Procedure

  1. In the appliance CLI, copy the public SSH key of the appliance to the SCP server:
    1. Run the system keycopy command: 
      > system keycopy
    2. When prompted whether to test or copy the key, enter C to copy the key.
      The key is copied to the SCP server and its path is displayed.
  2. Note down the displayed SCP server path where the key is copied. Later you need to append this file to ~/.ssh/authorized_keys on the SCP server for the SCP account of the user (this must be identical to the user in Step 5).
    Note: The actual directory that '~' maps to is different for each user, because the shell maps it to the user’s home directory based on the username that is logged in.
  3. (For LogLogic LMI 6.2.0 or earlier): Set the permissions of the ~/.ssh/authorized_keys file to 600 by running the following command: 
    $ chmod 600 ~/.ssh/authorized_keys
    Unless the file has permission 600, the files cannot be backed up to the server.
  4. When prompted, enter the SCP server IP address (provided by your administrator).
  5. When prompted, enter the SCP user name (provided by your administrator).
    When prompted, confirm the displayed host IP address and RSA key fingerprint.
  6. When prompted, enter the password.
  7. Log in to the SCP server and append the appliance key to -/.ssh/authorized_keys on the server. For example: 
    SCP Server: IP-address login as: scpdata ============================================================= Machine Name:  sqalinux Owner: SQA Administrator Groups: RE/SQA/Documentation Last Update: Mar 25, 2019 ============================================================= SCP_server:~> ls -l /tmp/LOGLOGICPUBKEY -rw-r--r--    1 scpdata  users         611 2019-03-08 18:07 LOGLOGICPUBKEY SCP_server:~> cat /tmp/LOGLOGICPUBKEY >> ~/.ssh/authorized_keys
    If you want to configure multiple keys, you must perform separate copy operations using separate SSH sessions and enter the password during each session.
    The SCP setup is complete.
  8. Verify the SCP setup:
    1. Run the system keycopy command:
      > system keycopy
    2. When prompted whether to test or copy the key, enter T to test the key.
    3. When prompted, enter the SCP server IP address (provided by your administrator).
    4. When prompted, enter the SCP user name (provided by your administrator).
      The appliance copies a test file (scptestfile) to the SCP server and then copies it back to the appliance.
      After the test copies complete successfully, a message is displayed.

What to do next

Schedule a backup or run a backup immediately. See Running Scheduled or Immediate Backups.