Here is a script to allow you to create a secure offsite backup of your home directory. Offsite is provided as the remote machine can be anywhere you can get to via SSH. Secure is provided by means of using a Mac OS/X Encrypted disk image as the storage device.

Obviously this could be a little more easily achieved using VNC to do the remote disk creation and mounting via the GUI, but that requires potentially better bandwidth than this method (I know rsync can gobble bandwidth, but that can be translated to just taking a long time without actually being annoying like waiting for screen refreshes over slow links are).

To create the initial backup disk image log onto the backup host and run the following command (I have assumed 8GB should be a big enough image).

mkdir /BACKUP_DRIVES/
hdiutil create -size 8g -fs "Journaled HFS+" -volname "`whoami`@MacBookPro" -encryption -stdinpass -verbose /BACKUP_DRIVES/`whoami`.MacBookPro

I chose to add MacBookPro as I have a MacBookPro laptop so the name give indication of what the backup is should you have a couple of machine you want to backup. The added beauty of this is that it will let you backup any client machine with bash, ssh and rsync installed.

Because it’s encrypted, you could even get to gether with friends and arrange acconts on each others machine which you can use for backup purposes as they won’t have access to your data except during the backup cycle. So depending on how much you trust them ....

At some point I might add instructions for achieving this with a Linux “server” as they are far more prevalent as cheap on-line virtual servers.

Note that I have an internal and external option as when I visit the location of the machine I connect via internal networks not he ADSL connection. I also assume your account name is the same on both machines.

#!/bin/bash
 
case $1 in
        'internal')
                bkhost=192.168.1.10
                bkport=22
                ;;
        'external')
                bkhost=backuphost.dyndns.org
                bkport=22
                ;;
        *)
                echo "Usage: $0 [internal|external]"
                exit 1
                ;;
esac
 
# Connect to backup host and mount disk image
echo Please SSH to $bkhost on port $bkport in another terminal window and mount the Disk Image
echo Run:
echo "  ssh -p ${bkport} ${bkhost}"
echo Then run:
echo "  read -s -p \"Disk Image Password:\" DSKPSWD; echo -n \"\${DSKPSWD}\" | hdiutil attach -autofsc
k -stdinpass /BACKUP_DRIVES/`whoami`.MacBookPro.dmg"
read -p "Hit return when mounted" CRAP
 
echo Checking image mount
ssh -p ${bkport} ${bkhost} 'df -h /Volumes/`whoami`\@MacBookPro >/dev/null 2>&1 || exit 1' || exit 
1
 
echo Updating backup
rsync -Eavz -e "ssh -p ${bkport}" --delete --exclude=.Trashes/ --exclude=.Trash/ --exclude=.Spotlight-
V100/ --exclude=Caches/ /Users/`whoami`/ ${bkhost}:'/Volumes/`whoami`\@MacBookPro/'
 
echo Checking disk image
ssh -p ${bkport} ${bkhost} 'DSKDV=`df -h |awk "/`whoami`@MacBookPro/ {print \\$1}"` ; diskutil unmo
unt ${DSKDV}; fsck -y ${DSKDV}; diskutil mount ${DSKDV}'
 
echo Unmounting disk Image
ssh -p ${bkport} ${bkhost} 'DSKDV=`df -h |awk "/`whoami`@MacBookPro/ {print \\$1}"` ; hdiutil eject
 ${DSKDV}'

Hopefully at some point I can figure out how to safely pump the password to the script, or get hdiutil to read STDIN over SSH without needing to login. Until then you have to stick to the copy and paste method (I’m thinking it might be some ssh argument required).