SSH: Rotate backup shell script to remove directories (old backup files)

Posted in categories: Backup, Data recovery, Howto, RedHat/Fedora Linux, Security, Shell scripting, Sys admin, Tips, Ubuntu Linux, UNIX. Last updated October 9, 2007.

Most of the time you have limited space on the remote SFTP/SSH backup server. Here is a script that periodically cleans up old backup files on the server, i.e. it removes old directories.


The script automatically calculates dates relative to today's date. By default it keeps only the last 7 days of backups on the server. You can easily increase or decrease this limit. To run the script you must meet the following criteria:

  • Remote SSH server with rm command execution permission
  • SSH keys for passwordless login (see how to set up RSA / DSA keys for passwordless login)
  • Accurate date and time on the local system (see how to synchronize the clock using the ntpdate NTP client)
  • Remote backup directories must be named in dd-mm-yyyy or mm-dd-yyyy format. For example, a daily MySQL backup should be stored in /mysql/mm-dd-yyyy format.

Sample Script Usage

Run the script as follows:
./ 7 /mysql "rm -rf"

  • 7 : Remove last 7 days files
  • /mysql : Base directory to clean up. If today's date is 9/Oct/2007, it will remove the directories /mysql/02-10-2007, /mysql/01-10-2007, …, /mysql/26-09-2007, /mysql/25-09-2007. This means the script keeps only the last 7 days of backups on the remote SFTP/SSH server.
  • rm -rf : Command to run on directory structure

Sample Shell Script

Install the following script:

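#!/bin/bash
# Rotate remote backups: run CMD over ssh on the dated directories that are
# between START and START + upper-limit days old.
if [ "$#" -eq 0 ]; then
  echo "$0 upper-limit path {command}"
  exit 1
fi
### SSH Server setup ###
SSH_USER="backup-user"          # placeholder: remote account name
SSH_SERVER="backup.example.com" # placeholder: remote SFTP/SSH server
START=7                         # newest age in days to remove; matches the usage example above
DIR_FORMAT="%d-%m-%Y" # DD-MM-YYYY format
#DIR_FORMAT="%m-%d-%Y" #MM-DD-YYYY format
## do not edit below ##
LIMIT=$(( START + $1 ))

## default CMD ##
CMD="ls"      # assumed default: list the directory instead of deleting it
SSH_PATH="."  # assumed default: remote home directory

[ "$3" != "" ] && CMD="$3" || :
[ "$2" != "" ] && SSH_PATH="$2" || :

# Build the list of dated directory names, one per day from START to LIMIT days ago
DAYS=$(for d in $(seq $START $LIMIT);do date --date="$d days ago" +"${DIR_FORMAT}"; done)
for d in $DAYS
do
  # ssh joins its arguments with spaces, so "rm -rf" reaches the remote shell intact
  ssh "${SSH_USER}@${SSH_SERVER}" "${CMD}" "${SSH_PATH}/$d"
done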

Run the above script via crontab (cron job):
@daily /path/to/rot.ssh.script 7 "/html" "rm -rf"
@daily /path/to/rot.ssh.script 7 "/mysql" "rm -rf"
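
The prerequisites above give a passwordless key permission to run rm on the backup server. As an added example (not part of the original post), the server can pin that key to a forced command that accepts only the deletions this script is meant to issue and checks the directory age against its own clock. The script path, ALLOWED_BASES and MIN_AGE_DAYS are assumptions, and the date parsing follows the script's default DD-MM-YYYY layout:

```sh
#!/bin/sh
# Added example, not from the original post. Install on the backup server as a
# forced command for the rotation key in ~/.ssh/authorized_keys (assumed path):
#   command="/usr/local/bin/rotate-guard.sh",no-pty,no-port-forwarding ssh-rsa ...
ALLOWED_BASES="/mysql /html"  # assumed allowlist, from the cron examples
MIN_AGE_DAYS=7                # assumed: never delete anything newer than this

# validate_request REQUEST CUTOFF: accept only "rm -rf <base>/DD-MM-YYYY" with an
# allowlisted base and a date not newer than CUTOFF (YYYYMMDD).
# Prints the path and returns 0 on success, returns 1 otherwise.
validate_request() {
  vr_req=$1; vr_cutoff=$2
  case $vr_req in
    "rm -rf "*) vr_target=${vr_req#"rm -rf "} ;;
    *) return 1 ;;
  esac
  vr_base=${vr_target%/*}
  vr_name=${vr_target##*/}
  # Last component must be exactly NN-NN-NNNN: no spaces, ";" or wildcards.
  case $vr_name in
    [0-9][0-9]-[0-9][0-9]-[0-9][0-9][0-9][0-9]) ;;
    *) return 1 ;;
  esac
  # Parent must equal an allowlisted base (rejects ".." and extra arguments).
  vr_ok=1
  for vr_b in $ALLOWED_BASES; do
    if [ "$vr_base" = "$vr_b" ]; then vr_ok=0; fi
  done
  [ "$vr_ok" -eq 0 ] || return 1
  # Compare as YYYYMMDD so a skewed client clock cannot remove recent backups.
  vr_dd=${vr_name%%-*}; vr_yyyy=${vr_name##*-}
  vr_mm=${vr_name#*-}; vr_mm=${vr_mm%-*}
  [ "$vr_yyyy$vr_mm$vr_dd" -le "$vr_cutoff" ] || return 1
  printf '%s\n' "$vr_target"
}

# Entry point under sshd: the cutoff comes from the server's own clock (GNU date).
guard_main() {
  gm_cutoff=$(date --date="$MIN_AGE_DAYS days ago" +%Y%m%d) || return 1
  if gm_dir=$(validate_request "${SSH_ORIGINAL_COMMAND:-}" "$gm_cutoff"); then
    rm -rf -- "$gm_dir"
  else
    echo "rejected: ${SSH_ORIGINAL_COMMAND:-}" >&2
    return 1
  fi
}

# sshd sets SSH_ORIGINAL_COMMAND when the client asks to run a command.
[ -z "${SSH_ORIGINAL_COMMAND+set}" ] || guard_main
```

With this in place the rotation script keeps working unchanged, while any other command sent with the same key is refused.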

How to: FreeBSD Setup Time / Clock Synchronization with NTP server and ntpdate command

Posted in categories: FreeBSD, Howto, Sys admin, Tips, UNIX. Last updated January 25, 2006.

FreeBSD uses the Network Time Protocol (NTP) to synchronize the clocks of computer systems over packet-switched, variable-latency data networks. NTP uses UDP port 123. If you have one computer or a single server, you can easily synchronize its time with other NTP servers. All you need is the NTP client called ntpdate. It is used to set the date and time via NTP servers.

FreeBSD: Install NTP Client

Use any one of the following commands to install NTP:

# pkg_add -rv  ntp

Or:

# cd /usr/ports/net/ntp
# make; make install

Pick appropriate NTP Servers

Visit public ntp timeserver list to pick up your NTP server.

Open UDP port 123 at firewall

If you are running the FreeBSD ipfilter firewall, you need to open UDP port 123. Just add one of the following rules to your firewall script:

pass out quick on lnc0 proto udp from YOUR-SERVER to any port = 123 keep state

Or:

pass out quick on lnc0 proto udp from YOUR-SERVER to TIME-SERVER-IP port = 123 keep state

For example, my FreeBSD workstation IP is and is IP of NTP server then my rule is in ipf.conf file as follows:

pass out quick on lnc0 proto udp from
to port = 123 keep state

FreeBSD test clock synchronization

Just run the ntpdate command as follows to see whether you can set the date and clock via NTP.
Set a wrong date (Mon Dec 13 4:27 pm):

# date 0412131627

Now set the correct date with the NTP client:

# ntpdate -v -b

13 Dec 16:27:50 ntpdate[997]: ntpdate 4.2.0-a Thu Nov 3 07:34:22 UTC 2005 (1)
25 Jan 12:35:47 ntpdate[997]: step time server offset 35237275.965726 sec

You can verify that the correct date is set:

# date


Wed Jan 25 12:36:21 IST 2006

Enable date and time/ clock Synchronization at boot time

You need to set ntpdate via /etc/rc.local file.

# vi /etc/rc.conf

Append following line to it:

Save and close the file. Make sure you have correct ntpdate_hosts server entry.

Updated for accuracy.

How do I synchronise my single Debian Linux desktop clock to network?

Posted in categories: Debian Linux, Howto, Linux, Ubuntu Linux. Last updated October 22, 2005.

You will find lots of tutorials about how to set up an NTP server. However, if you just want to synchronize a single Linux desktop connected via an A/DSL Internet connection, use the ntpdate command. The NTP client is very easy to install and configure. The following instructions are only compatible with Debian / Ubuntu Linux.

ntpdate client

ntpdate sets the local date and time by polling the Network Time Protocol (NTP) server(s) given as the server arguments to determine the correct time. It must be run as root on the local host. A number of samples are obtained from each of the servers specified and a subset of the NTP clock filter and selection algorithms are applied to select the best of these. Note that the accuracy and reliability of ntpdate depends on the number of servers, the number of polls each time it is run and the interval between runs.

Install ntpdate utility

The ntpdate command sets the local date and time by polling the Network Time Protocol (NTP) server(s).

# apt-get install ntpdate

You are done. By default, the /etc/default/ntpdate file is used to point to the NTP server.

Allow access to NTP client via Iptables firewall

The NTP client uses UDP port 123 to communicate with the NTP server. The following rules allow outgoing NTP client requests and their replies:

# NTP outgoing client request
# Replace YOUR-CLIENT-IP with the IP address of this machine
iptables -A OUTPUT -p udp -s YOUR-CLIENT-IP --sport 1024:65535 -d 0/0 --dport 123 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s 0/0 --sport 123 -d YOUR-CLIENT-IP --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Add the above rules to your existing iptables script. Please note that if you have more than 2-3 computers, it is a better idea to set up your own NTP server. I will write about NTP server configuration later on.

For more information, visit the NTP pool website (public NTP time servers for everyone) and read the ntpdate man page.