I needed a simple backup strategy for a folder on one of my servers. There is an abundance of articles how to do it with rsync, but I somehow could not find one that was simple enough for me to understand, and also secure. So here are my thoughts and links.
First, I created a new non-sudo user on my server where the backup should lie. Then, I followed the steps of this tutorial but run into problems when testing the restrictions of the SSH commands. In the end, it turned out that I have placed the command in front of the wrong SSH key.
But the tutorial will result in a non-secure system as described in this post on serverfault. So, you have to change the owner of the validate_sync script to root and set the right permission to authorized_keys file as described in the post.
Finally, I added a crontab:
0 5 * * * rsync -az –delete -e ssh X@Y:Z /home/USER