Creating a Remote Backup with rsync on macOS (Legacy Hardware)
This post documents my process for creating an off-site backup of important files from my file server to a remote location. In this case, the remote site is my mom’s house. She has a 200 GB data plan, which should be sufficient for incremental backups.
The plan is to fully test and populate the backup drive locally, then deploy the remote system once everything is stable and reliable.
Hardware Overview
Primary File Server
- Mac mini (Late 2009)
- 4 GB RAM
- macOS 10.11.6 (El Capitan)
- macOS Server installed to support Time Machine backups
Remote Backup Host
- Mac mini (Late 2005)
- 1 GB RAM
- macOS 10.5.8
Despite the age of this hardware, it is more than capable of handling rsync-based backups.
Dynamic DNS
Because the remote site uses a residential internet connection, Dynamic DNS is required.
I’m using No-IP, as they still provide a Dynamic Update Client that runs on macOS 10.4–10.6. The Dynamic Update Client points to:
deanbackup.ddns.net
Passwordless SSH with RSA Keys
To allow rsync to run unattended, SSH must authenticate without prompting for a password. This is accomplished using an RSA key pair.
Generate the RSA Key Pair (on the server)
server:~ server$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/server/.ssh/id_rsa):
/Users/server/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/server/.ssh/id_rsa.
Your public key has been saved in /Users/server/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:62PqcsJQL3nv2EMZEZS1D/8q+1NohWm7DrpSYWAs7LY [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . . .o+. |
| o + o . |
| . o . .o o |
| + + ++ . |
| o + .S+ .o+ |
| . E o +. +.. |
| o o +. .. o. |
| + o+=...o. |
| =+=*+.=+. |
+----[SHA256]-----+
When prompted:
- Accept the default file location (
~/.ssh/id_rsa) - Leave the passphrase empty
This creates:
id_rsa(private key)id_rsa.pub(public key)
Copy the Public Key to the Remote Host
The .ssh directory does not yet exist on the remote system, so it must be created first. The following command handles both directory creation and key installation:
cat ~/.ssh/id_rsa.pub | ssh [email protected] "mkdir ~/.ssh/; cat >> ~/.ssh/authorized_keys"
After this step, SSH access to the remote host no longer requires a password.
Testing rsync
To verify functionality, I created two directories on the server Desktop:
~/Desktop/dir1
~/Desktop/dir2
I then populated dir1 with 100 empty files:
touch ~/Desktop/dir1/file{1..100}
On the remote system, I created a matching dir2 directory on the Desktop.
rsync Test Command
rsync -azP ~/Desktop/dir1/ [email protected]:~/Desktop/dir2 > ~/Desktop/rsyncoutput.txt
Flags used:
-a— Archive mode-z— Compression-P— Partial transfers and progress
Standard output is redirected to rsyncoutput.txt for logging.
Creating an Executable Backup Script
To automate backups, I created a shell script containing the rsync commands.
Initial Script
File: remoteBackup.sh
#!/bin/bash
rsync -azP ~/Desktop/dir1/ [email protected]:~/Desktop/dir2 > ~/Desktop/rsyncoutput.txt
Make the script executable:
chmod 755 ~/Desktop/remoteBackup.sh
I then moved the script to a permanent location:
/usr/local/remoteBackup.sh
Expanded Script for Real Data
After testing, I updated the script to back up actual data volumes:
#!/bin/bash
rsync -azP /Volumes/Primary/Primary/Files \
[email protected]:/Volumes/DATASTORE/ > ~/Desktop/rsyncoutput.txt
rsync -azP /Volumes/Primary/Primary/The\ Big\ Photo\ Library \
[email protected]:/Volumes/DATASTORE/ >> ~/Desktop/rsyncoutput.txt
By specifying only the destination volume (/Volumes/DATASTORE/), rsync recreates the source directory structure automatically (for example, /Volumes/DATASTORE/Files).
Creating a LaunchAgent
To run the backup automatically, I created a LaunchAgent so the script executes nightly. The LaunchAgent lives in:
~/Library/LaunchAgents
Initial LaunchAgent (Interval-Based)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.dean.backup</string>
<key>Program</key>
<string>/usr/local/remoteBackup.sh</string>
<key>KeepAlive</key>
<true/>
<key>StartInterval</key>
<integer>1800</integer>
</dict>
</plist>
Load and verify the LaunchAgent:
launchctl load ~/Library/LaunchAgents/com.dean.backup.plist
launchctl list
launchctl start com.dean.backup
Scheduled LaunchAgent (Specific Time)
I later replaced the interval trigger with a scheduled time:
<key>StartCalendarInterval</key>
<dict>
<key>Hour</key>
<integer>14</integer>
<key>Minute</key>
<integer>35</integer>
</dict>
Final Backup Script with Logging and Retention
The final script adds timestamps, logging, and safe deletion handling:
#!/bin/bash
echo "Start Backup:" > ~/Desktop/rsyncoutput.txt
date >> ~/Desktop/rsyncoutput.txt
rsync -ahzbP --delete \
--backup-dir="/Volumes/DATASTORE/backup/" \
/Volumes/Primary/Primary/Files \
[email protected]:/Volumes/DATASTORE/
rsync -ahzbP --delete \
--backup-dir="/Volumes/DATASTORE/backup/" \
/Volumes/Primary/Primary/The\ Big\ Photo\ Library \
[email protected]:/Volumes/DATASTORE/
echo "End Backup:" >> ~/Desktop/rsyncoutput.txt
date >> ~/Desktop/rsyncoutput.txt
rsync Flag Summary
-a— Archive mode-h— Human-readable output-z— Compression-b— Enable backups-P— Partial transfers and progress--delete— Removes files on the destination that no longer exist on the source--backup-dir— Moves deleted files to a holding directory instead of permanently deleting them
This setup provides a reliable, automated, and reviewable off-site backup solution using inexpensive legacy hardware.