Safest way to back Synology to another Synology NAS remotely with encrypted connection

Following “most” of your advice I bought a 918+ for main house and 218+ for lake house. Each is ubiquiti with its own cloud key gen2 (i use protect from them). (I don’t want to send video over the Net) What is the best way to connect these two for Hyper backup and Vault? Does Quick connect allow this – as I can’t seem to make it work. Both ends are served by non-satic addresses from the ISPs. Do I have to set up Dynamic DNS via a service and use port forwarding?

would like your advice – mendes – remember two private networks that don’t know each other exists – purely home use

Yes, you will need to start with either static IP or DyDNS service. Here is how : https://www.synology.com/en-global/knowledgebase/DSM/help/DSM/AdminCenter/connection_ddns

Hyber backup

will allow you to encrypt the data on detination device.

Data encryption and compression

Military-grade AES-256 and RSA-2048 encryption technologies protect data from illicit access. Compression reduces outbound traffic and storage consumption.

 

 

 

Other option is to use Shared Folder Sync. 

To create a sync task:

  1. Log in to the source Synology NAS, and go to Control Panel > Shared Folder Sync > Task List.
  2. Click Create.
  3. Enter a name for the task.
  4. Select the shared folder you want to sync to the destination.
  5. Specify the destination Synology NAS and the following sync options:
    • Customize SSH encryption port for encrypted shared folder sync: Specify the desired encryption port for SSH transfer encryption.
    • Enable SSH transfer encryption: Encrypt data during transfer. This provides better security, while non-encrypted transfer provides better performance. You can choose according to your needs.
    • Enable transfer compression: Compress data during transfer. It will save network bandwidth but increase CPU loading.
    • Enable block-level synchronization: Transfer only differential data instead of whole files. It will save network bandwidth but increase CPU loading.
  6. When prompted, select any of the following options to decide when to sync from the source to the destination:
    • Run sync on modification: Run the sync task immediately once any change occurs at the source shared folder.
    • Run sync manually: Run the sync task manually from the source shared folder.
    • Advanced schedule: Click Schedule Plan to specify when to perform the sync task.
  7. Click Apply. Now you can see the sync task on the task list, which will be performed according to the specified schedule.

 

 

 

My favourite way of backing up

Rsync

You can allow other users to back up data via rsync from a Synology NAS or rsync-compatible clients to your Synology NAS.

Enabling rsync Backup Service

To enable rsync service:

Go to Control Panel > File Services > rsync, and select Enable rsync service.

To assign rsync backup privileges:

Assign proper rsync privileges to users so that these users can back up data from a source Synology NAS or an rsync-compatible server to the destination Synology NAS.

  1. Go to Control Panel > Privileges.
  2. Select rsync (Shared Folder Sync, LUN Backup on supported models) and click Edit to assign privileges.
  3. Assign Allow privileges to the desired users (DSM users for encrypted rsync, or rsync accounts for unencrypted rsync), or further specify the allowed IP addresses for specific users.

Note:

To perform rsync backup from a Synology NAS running a version of DSM before 3.0 or a client that is not a Synology NAS, and to retain the source data’s owner and group information, you must add the rsync accounts to the administrators group, and back up data to the NetBackup shared folder in the daemon mode.

Enabling Rsync Accounts

If you perform rsync backup from a non-Synology NAS client, you have to create rsync accounts on the destination Synology NAS so that the rsync users can back up data to your Synology NAS.

To enable rsync accounts:

  1. Go to Control Panel > File Services > rsync, and select Enable rsync account.
  2. Click Edit rsync Account to set users and corresponding passwords for authentication.
  3. Click Apply.

Note:

  • If the rsync service is encrypted (that is, having a specified SSH encryption port), the system will directly apply DSM users’ usernames and passwords as their rsync accounts.
  • If the rsync service is unencrypted, you need to create corresponding rsync accounts for them.

Using Customized rsync Configuration

You can use customized rsync configuration, and configure user privileges and backup destination on your Synology NAS. Other people can therefore perform rsync backup from their Synology NAS devices or rsync-compatible clients to the destination shared folders (or “backup modules”) on your Synology NAS.

To use customized rsync configuration:

  1. Log in to your Synology NAS device via Telnet or SSH.
  2. Specify the backup module and authorized users in the rsync configuration file “/etc/rsyncd.conf“. For detailed information, refer to the manual page of rsyncd.conf on your rsync client or here.

Note:

If the backup module and the shared folder share the same name, the backup module setting will be used.

Enabling Speed Limit

You can control the maximum usable bandwidth of rsync backup for users and groups.

To enable speed limit:

  1. Go to Control Panel > File Services > rsync. Select any of the following:
    • No speed limit
    • Enable speed limit
    • Enable speed limit according to a schedule (Click Set Schedule for further modification.)

    Note:

    This is a server-wide setting and will override the settings of individual users and groups. For example, choosing No speed limit disables the speed limit settings of all users and groups.

  2. If you have enabled speed limit, click Speed Limit Settings, and click the desired user/group to modify the settings:
    • None: No speed limit will be applied when group members transfer files with the service.
    • Apply group settings: The user will share the same speed limit settings with the affiliated group.
    • Constant: A fixed, constant speed limit will be applied to the user or group members. Upload and download speed limits can be specified in the fields to the left.
    • Customized: Two different speed limits can be specified and applied to the user or group members according to a schedule. Click Customize to modify the speed limit settings and set a schedule.
  3. Click Apply.

 

 

 

Posted in Uncategorized