Can't get SFTP destination to work

Hi another crashplan migrant here. I don’t want to start a new thread as I am just dipping my toes in the Dupliati water as a test right now ( I need peer to peer backup) and searching this thread seemed to be the most relevant existing topic.

So I’m starting on my windows 10 desktop with a local test install of duplicati and filezilla server, but cant get SFTP destination to work :frowning:

I’ve done a small “local folder or drive” backup with duplciati and that seems to work ok (a few Mb).

I’m now trying the same via localhost to the filezilla FTP server which I have configured to force to be SSL FTP (SFTP). I’ve generated a certificate etc.

Using the filezilla client i can SFTP log in and write files to the server (good).

Duplciati new backup with SFTP option times out when testing. I can see Filezilla showing a logon attempt but not getting to full logon.

I’ve tried setting accept all certs in the duplciati advanced options but that did not help.

Any suggestions to make filezilla sftp server work as a destination?

Otherwise suggestion for another easy to set-up windows 10 based destination that can be reached over the internet for peer-to-peer backup ? (minio looks interesting but I’d also have to learn docker and a lot more - looks too much ).

Out of curiosity, are you running the SFTP server on the same machine and Duplicati is running?

Also, does anything show in the Duplicati logs (either in the web interfaced or the C:\ProgramData\Duplicati\updates\Duplicati-crashlog.txt file)? You might want to try running the backup again while watching the Live log in Profiling mode (I find it easiest to do what with two browser windows - one on the log and one in which to
start the backup).

Oh, and you don’t have to use Docker for Minio.

Thanks for the reply and that link to Minio on Win 10 … I’ll read up on it a bit.

Yes just testing things out so runing the SFTP server on the same PC as duplicati (IP 127.0.0.1) to start simple. Duplicati log gives:

_Operation List with file  attempt 1 of 5 failed with message: Socket read operation has timed out after 30000 milliseconds._
_Renci.SshNet.Common.SshOperationTimeoutException: Socket read operation has timed out after 30000 milliseconds._
_   at Renci.SshNet.Abstractions.SocketAbstraction.Read(Socket socket, Byte[] buffer, Int32 offset, Int32 size, TimeSpan timeout)_
_   at Renci.SshNet.Session.SocketReadLine(TimeSpan timeout)_
_   at Renci.SshNet.Session.Connect()_
_   at Renci.SshNet.BaseClient.Connect()_
_   at Duplicati.Library.Backend.SSHv2.CreateConnection()_
_   at Duplicati.Library.Backend.SSHv2.List()_
_   at Duplicati.Library.Main.BackendManager.DoList(FileEntryItem item)_
_   at Duplicati.Library.Main.BackendManager.ThreadRun()_

Filezilla server gives:

(000005)10/3/2017 13:09:41 PM - (not logged in) (127.0.0.1)> Connected on port 990, sending welcome message...
(000005)10/3/2017 13:09:41 PM - (not logged in) (127.0.0.1)> 220-FileZilla Server 0.9.60 beta
(000005)10/3/2017 13:09:41 PM - (not logged in) (127.0.0.1)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000005)10/3/2017 13:09:41 PM - (not logged in) (127.0.0.1)> 220 Please visit https://filezilla-project.org/
(000004)10/3/2017 13:10:01 PM - (not logged in) (127.0.0.1)> 421 Login time exceeded. Closing control connection.
(000004)10/3/2017 13:10:01 PM - (not logged in) (127.0.0.1)> disconnected.

I think, you are mixing two different protocols - SFTP and FTPS.
Filezilla server (as far as I remember) is an FTP server with SSL/TLS support, which is called FTPS. This is same old FTP with encrypted transport.

SFTP, on the other hand, is actually SSH file transfer protocol and is not compatible with FTPS.
Duplicati supports SFTP. It may support FTPS with FTP backend, I did not check…
I can’t find quickly of Filezilla server started supporting SSH, but any other SSH server will work as SFTP backend (OpenSSH, Bitwise, etc…)

EDIT: Just checked and both ftp and aftp backends support FTPS with appropriate parameters.

EDIT 2: From Filezilla wiki: Support for SFTP (SSH File Transfer Protocol) is not implemented in Filezilla Server.
https://wiki.filezilla-project.org/FileZilla_FTP_Server

Yep - I think @dgcom has it, I’m seeing FTPS in FileZilla Server but no SFTP.

It’s mentioned in Run backup when PC is idle that they were able to use “Alternative FTP” as the source Storage Type to connect to their server using FTPS.

Welcome to the forum. I edited your post to improve the formating. (Just added ~~~ before and after the output you pasted, see here for details).

Ahh sorry for mixing up FTPS and SFTP. A quick try with alternate method times out too :-/

Time to rethink this.

I Just need the simplest storage server method (for windows 10) that duplicati supports with an easy update path to keep the storage server backed updated / secure. Also something with a simple set-up guide would be great. Is Minio the easiest then?

It would be great if duplicati had a built in storage server back-end (lie Minio) so I didn’t need to roll two programs. Could that be a future feature perhaps?

ahh, thanks. I didn’t see option for code blocks in the reply tools…

I agree - that would be a wonderful feature for people wanting P2P with (or instead of) cloud storage. But there are already a few tools out there that offer functionality that Duplicati can use as a destination so it makes more sense to spend time adding backup features to Duplicati than re-implementing stuff that already exists.

That said, like Duplicati some of those tools are open source so there’s no reason somebody couldn’t take the two and combine them into a single instal file with a setup wizard to simplify configuration. :wink:

Unfortunately I’m not that person - but if you post an “issue” for Duplicati at Github you can then put a Bounty (payment offering) on it. If other people are interested enough to put some money into having the same features added then somebody who DOES have the skills to do it might just make it happen! (the SIA bounty is a good example of how that can work).

“Easiest” is really in the eye of the bolder, er, implementor. I found Minio very easy to play with (testing only so far) and the Setting up self-hosted Minio on Windows 10 with automatically renewing SSL certificate #howto guide has been viewed over 100 times in the last 19 days.

Keep in mind, too, that your specific needs may vary from others - for example, I already have a good firewall and router set up with various port forwarding enabled which makes things like SFTP or Minio pretty easy to get to from the Internet.

But if you don’t have those sorts of things configured in your network yet, you may find ANY self-hosted destination harder to set up that guides might imply they are. Of course I’m assuming that’s what you want - for all I know you only have computers internal to your own network to worry about in which case port forwarding isn’t an issue at all…

That’s part of what makes CrashPlan and other cloud based services so convenient to use - THEY take care of the “server side” of things, so you only have to worry about the client. Eveb CrashPlan’s person-to-person backups still relied on their cloud servers to get the two two “persons” talking to each other…

If you decide to keep going with Duplicati and try to set up your own destination, let us know how it goes. If a guide helped you out, click that :heart: button for it, or if you had to do things slightly differently for your own setup feel free to reply to the guide and explain what worked for you - or even start your own #howto if nobody has yet documented exactly how you did it!

Jon, thanks for the overview. I will follow thru the Minio guide in the next few weeks and see how it goes. I’m comfortable with port forwarding on my router and dynamic IP lookup so that should be ok.

On a related note of staying up to date (for security). Does Minio or Duplciati alert you when there is a new version or do you need to check in on the developers sites regularly to get updates? And does installing a new update over the top in Windows ever break existing backup tasks or backup files?

I’m not sure about Minio, but Duplicati does show a popup message in the bottom of the web interface when a new version appears in the Update Channel (Default, Beta, Experimental, Canary) selected on the Settings page. I’m not sure if that translates into a Windows message or not.

Duplicati has a built in updater - so when it alerts you that there is a new version you can download and install it from within the web interface. To answer your specific question, it shouldn’t cause any problems if you choose to MANUALLY download and install a newer version than what’s already installed. Note that manually installing a LOWER version or a different Update Channel (like going from Canary to Beta) should ALSO work just fine, but isn’t guaranteed as some development channels may be used to test new settings or database changes that aren’t backwards compatible.

All the above about updates being said - I must confess that on my test machine I went from an install of 2.0.2.1 beta through 3 Canary updates (and a shift from “client” to service mode) and managed to screw things up to badly Duplicati wouldn’t even start.

However, I was able to recover by making backups of my dbconfig.json, Duplicati-server.sqlite, and individual backup sqlite files, uninstalling Duplicati (via Windows Programs and Features), re-installing Duplicati, and putting the backed up files back in their original folders. Please note my case is likely VERY unusual due to the amount of testing and fiddling I do to try and duplicate errors reported by other users.

1 Like

Well the pop up is good. Thanks :slight_smile:

I think I will keep duplicati as a tray-icon client as my server always boots into the same user account.

JonMikeIV, Thanks again for all your help. I’m still on the learning curve but successful followed the windows minio set-up guide and have been running for a few weeks with some small duplicati test backups. :slight_smile:

I also just tried seeding a backup to a local directory then moving to my minio server and then changing the backup configuration to point to that. Seems to be successful which is a good test before I seed large amounts of data to a remote site via portable HD.

One question- I copied the local backup to a second new location and saved and re-imported the backup config and changed the name and new location to the second copy, apart from needing to repair the database it seems to work and both copies+backups (old and new) seem to work. Is this a good way of using a local backup as a seed for a remote one? or should I pre-seed a completely separate local backup first then move that?

FYI - I run my windows 10 minio server as a regular program (not a service) and there was a message in the minio console text that did warn me the other day that my minio version was out of date and where to download the new one, so that was helpful :grinning:

1 Like

Technically, yes - that method (run backup, copy destination, export backup, import backup as new & point to destination copy) should work as long as:

  1. You never plan to merge both destinations into a single one (which is probably a bad idea in any case)
  2. You don’t plan to change the encryption passphrase (again, not something you should do in any case)

Note, however, that normally each dblock (archive) and dindex file gets a “unique”(ish) name while the dlist file is named with a timestamp. Having two destinations with a BASE of common names (that will diverge with each run after the split) could very strongly suggest to anybody that cares to notice the commonalities that the two backups were from the same source. Plus, via the dlist timestamps, they could determine when the split occurred.

I don’t know what anybody could really DO with such information (perhaps somehow a seed for eventually hacking the encryption?) but I thought you should know in case you cared.