Tar over SSH

This document describes how to use tar over a netcat link. But it also shows an example of SSH port forwarding and how to use netcat. I found it useful in backing up a machine where I only had ssh access to and no hard drive space left.

Note: A tar over ssh can be acheived by doing ssh root@host 'tar cf - ' > host.tar.gz but the purpose of this document is to illustrate using netcat and ssh.

Use this doc as model for other things like tar to a serial port, etc.

We are going to use port 3000, it can actually be any other port.
Also the target is a tape drive /dev/st0 it could actually be a file like backup.tar.gz
We are also assuming the ip address of the machine with the tape backup is 192.168.1.1
and the ipaddress of the target machine is 192.168.2.2

1. Protect the port with ipchains or iptables.  This step not needed if you are behind 
a firewall.  Firewalling is beyond the scope of this document and as of the following 
ipchains and iptables rules have not been fully tested.  

with ipchains
ipchains -A input -i eth0 -p tcp -s 0/0 -d 192.168.1.1 25 -j DENY

with iptables
iptables -A INPUT -i eth0 -p tcp -d 192.168.1.1 --dport 3000 -j REJECT

2. Make sure netcat is installed
rpm -ivh nc-1.10-11.i386.rpm

3. With netcat establish the connection from port 3000 to the tape drive using the & sign
shove it into the background.
nc -l -p 3000 > /dev/st0 &

4. Connect to the remote machine and port forward 3000 on the remote machine
to port 3000 on the local machine.  While we are at it we can tar the home
directory and redirect it to netcat port 3000
ssh -R 3000:localhost:3000 root@192.168.2.2 'tar zc /home | nc localhost 3000'

Pretty easy huh.  Really good for bringing a lot of stuff over to tape when you are 
over quota in your home drive.

Note: You will be allowing everyone to connect to port 3000 on the remote host if you
use the -g flag in ssh.  Not good, unless you want to share your tape drive.

Do not email me at psam@minihowto.com