OnWorks favicon

backintime - Online in the Cloud

Run backintime in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command backintime that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator



backintime - a simple backup tool for Linux.

This is the command line tool. The graphical tool is backintime-qt4.


backintime [--checksum] [--config PATH] [--debug] [--delete] [--help | -h] [--keep-mount]
[--license] [--local-backup] [--no-crontab] [--no-local-backup] [--profile NAME |
--profile-id ID] [--quiet] [--version]

{ backup | backup-job | benchmark-cipher [FILE-SIZE] | check-config | decode [PATH] |
last-snapshot | last-snapshot-path | pw-cache [start|stop|restart|reload|status] |
remove[-and-do-not-ask-again] [SNAPSHOT_ID] | restore [WHAT [WHERE [SNAPSHOT_ID]]] |
snapshots-list | snapshots-list-path | snapshots-path | unmount }


Back In Time is a simple backup tool for Linux. The backup is done by taking snapshots of
a specified set of folders.

All you have to do is configure: where to save snapshots, what folders to backup. You can
also specify a backup schedule: disabled, every 5 minutes, every 10 minutes, every hour,
every day, every week, every month. To configure it use one of the graphical interfaces
available (backintime-gnome or backintime-kde4).

It acts as a 'user mode' backup tool. This means that you can backup/restore only folders
you have write access to (actually you can backup read-only folders, but you can't restore

If you want to run it as root you need to use 'sudo -i backintime'.

A new snapshot is created only if something changed since the last snapshot (if any).

A snapshot contains all the files from the selected folders (except for exclude patterns).
In order to reduce disk space it use hard-links (if possible) between snapshots for
unchanged files. This way a file of 10MiB, unchanged for 10 snapshots, will use only 10MiB
on the disk.

When you restore a file 'A', if it already exists on the file system it will be renamed to

For automatic backup it use 'cron' so there is no need for a daemon, but 'cron' must be

Store snapshots on local HDD's (internal or USB). The drive has to be mounted before
creating a new snapshot.

Local encrypted
Store encrypted snapshots on local HDD's (internal or USB). Back In Time uses 'encfs'
with standard configuration to encrypt all data. Please take a look at A NOTE ON
SECURITY. You have to be member of group fuse to use this. In terminal type 'sudo
adduser <USER> fuse'. To apply changes you have to logout and login again.

With Mode set to SSH you can store the backup on a remote host using the
SecureShellHost protocol (ssh). The remote path will be mount local using sshfs to
provide file-access for the graphical interface and the backup process. Rsync and
other processes called during backup process will run directly on the remote host
using ssh.

To prepare your user account for ssh-mode you have to add the user to group 'fuse' by
typing 'sudo adduser <USER> fuse' in terminal. To apply changes you have to logout
and login again.

Next you have to create a password-less login to the remote host (for further
information look at http://www.debian-administration.org/articles/152). Type in
terminal 'ssh-keygen -t rsa' hit enter for default path and enter a passphrase for the
private key.

Finally type 'ssh-copy-id -i ~/.ssh/id_rsa.pub <REMOTE_USER>@<HOST>' and enter your
password on remote host.

In Settingsdialog you need to set the host and remote user. If you enter a relative
path (no leading / ) it will start from remote users homedir. The password has to be
the passphrase for your private key.

Cipher (the algorithm used to encrypt the data during transfer)
To optimize performance you can choose the cipher used by ssh. Depending on your
environment you can have a massive speed increase compared to the default cipher.

benchmark-cipher will give you an overview over which cipher is the fastest in your

If the bottleneck of your environment is the hard-drive or the network you will not
see a big difference between the ciphers. In this case you should rather stay on

Please read security information about the cipher before using them in untrusted
networks (Wifi, Internet). Some of them (Arcfour, 3DES, ...) should be handled as not
secure anymore.

Remote Host
If your remote host is an embedded Linux NAS or any other device with limited
functions, you could run into some problems caused by feature-less commands. For
example some devices may not have hardlink support for 'cp', 'chmod' and 'rsync'. In
this case it may help to install so-called Optware or Entware on your device if

If you don't know how to compile packages and how to modify a Linux system you should
NOT try to do this. There is a significant chance to break your device and make it
completely unusable with the following procedure. We will not take any warranty for
this. Make a backup of your device before proceed! You have been warned!

You should install at least packages called 'bash', 'coreutils' and 'rsync'. You will
have to change users default shell from '/bin/sh' to '/opt/bin/bash' in '/etc/passwd'.
To add '/opt/bin:/opt/sbin:' to the start of the PATH environment you can use 'Add
prefix to SSH commands' in 'Expert Options' with 'PATH=/opt/bin:/opt/sbin:\ATH'.

To check if it does work you can compare the output of '/bin/cp --help' and
'/opt/bin/cp --help'. If 'ssh <user>@<host> cp --help' called from your PC will print
the same as '/opt/bin/cp --help' called on the remote host (via interactive ssh
session) you are ready to go.

If you have questions on how to install and configure the Optware please refer to the
community of your device. You can also take a look on Back In Time FAQ on GitHub

If you successfully modified your device to be able to make backups over ssh, it would
be nice if you write a 'How to' on Launchpad's Answers so we can add this to the FAQ.

SSH encrypted
Store encrypted snapshots on remote hosts using SSH. Backintime uses 'encfs --reverse'
to mount the root filesystem '/'. Rsync will sync this encrypted view of '/' to a
remote host over SSH. All encoding will be done on the local machine. So the password
will never be exposed to the remote host and you can use the (normally) more powerful
processor in you local machine for encryption instead of weak NAS CPU's. The downside
on this is 'encfs --reverse' does not support 'Filename Initialization Vector
Chaining' and 'Per-File Initialization Vectors' from the standard configuration (take
a look at 'man encfs' for further information). Please take a look at A NOTE ON

Because of all data is transferred encrypted the log output shows encrypted filenames,
too. In the Logview-Dialog you can use 'decode' option to decrypt the paths
automatically or you can use 'backintime decode' to manually decrypt paths. Back In
Time will show all snapshots decoded so you can browse all files as normal.

Exclude does not support wildcards ('foo*', '[fF]oo', 'fo?') because after encoding a
file these wildcards can't match any more. Only separate asterisk that match a full
file or folder will work ('foo/*', 'foo/**/bar'). All other excludes that have
wildcards will be silently ignored.

Please refer to the 'SSH' section above for information on setting up the SSH

If 'Save Password to Keyring' is activated Back In Time will save the Password into
GnomeKeyring (Seahorse) or KDE-KWallet. Both are secure password storages which encrypt
the password with the users login-password. So they can only be accessed if the user is
logged in.

A backup cronjob during the user isn't logged in can not collect the password from
keyring. Also if the homedir is encrypted the keyring is not accessible from cronjobs
(even if the user is logged in). For these cases the password can be cached in RAM. If
'Cache Password for Cron' is activated Back In Time will start a small daemon in user-
space which will collect the password from keyring and provide them for cronjobs. They
will never be written to the harddrive but a user with root permissions could access the
daemon and read the password.

During backup process the application can call a user callback at different steps. This
callback is "$XDG_CONFIG_HOME/backintime/user-callback" (by default $XDG_CONFIG_HOME is

The first argument is the profile id (1=Main Profile, ...).

The second argument is the profile name.

The third argument is the reason:

1 Backup process begins.

2 Backup process ends.

3 A new snapshot was taken. The extra arguments are snapshot ID and snapshot

4 There was an error. The second argument is the error code.
Error codes:

1 The application is not configured.

2 A "take snapshot" process is already running.

3 Can't find snapshots folder (is it on a removable drive ?).

4 A snapshot for "now" already exist.

5 On (graphical) App start.

6 On (graphical) App close.

7 Mount all necessary drives.

8 Unmount all drives.


Force to use checksum for checking if files have been changed. This is the same as
'Use checksum to detect changes' in Options. But you can use this to periodically
run checksums from cronjobs. Only valid with backup, backup-job and restore.

--config PATH
Read config from PATH.

Show debug messages.

Restore and delete newer files which are not in the snapshot. WARNING: deleting
files in filesystem root could break your whole system!!! Only valid with restore.

-h, --help
Display a short help

Don't unmount on exit. Only valid with snapshots-path, snapshots-list-path and

Show license

Create backup files before changing local files. Only valid with restore.

Do not install crontab entries. Only valid with check-config.

Temporary disable creation of backup files before changing local files. Only valid
with restore.

--profile NAME
Select profile by name

--profile-id ID
Select profile by id

Suppress status messages on standard output.

-v, --version
Show version


backup | -b | --backup
Take a snapshot now (if needed)

backup-job | --backup-job
Take a snapshot (if needed) depending on schedule rules (used for cron jobs). Back
In Time will run in background for this.

benchmark-cipher | --benchmark-cipher [FILE-SIZE]
Show a benchmark of all ciphers for ssh transfer.

Verify the profile in config, create snapshot path and crontab entries.

decode | --decode [PATH]
Decode encrypted PATH. If no PATH is given Back In Time will read paths from
standard input.

last-snapshot | --last-snapshot
Display last snapshot ID (if any)

last-snapshot-path | --last-snapshot-path
Display the path to the last snapshot (if any)

pw-cache | --pw-cache [start|stop|restart|reload|status]
Control the Password Cache Daemon. If no argument is given the Password Cache will
start in foreground.

remove[-and-do-not-ask-again] | --remove[-and-do-not-ask-again] [SNAPSHOT_ID]
Remove the snapshot. If SNAPSHOT_ID is missing it will be prompted. SNAPSHOT_ID can
be an index (starting with 0 for the last snapshot) or the exact SnapshotID (19
caracters like '20130606-230501-984'). remove-and-do-not-ask-again will remove the
snapshot immediately. Be careful with this!

restore | --restore [WHAT [WHERE [SNAPSHOT_ID]]]
Restore file WHAT to path WHERE from snapshot SNAPSHOT_ID. If arguments are missing
they will be prompted. To restore to the original path WHERE can be an empty string
'' or just press Enter at the prompt. SNAPSHOT_ID can be an index (starting with 0
for the last snapshot) or the exact SnapshotID (19 caracters like

snapshots-list | --snapshots-list
Display the list of snapshot IDs (if any)

snapshots-list-path | --snapshots-list-path
Display the paths to snapshots (if any)

snapshots-path | --snapshots-path
Display path where is saves the snapshots (if configured)

unmount | --unmount
Unmount the profile.


There was a paid security audit for EncFS in Feb 2014 which revealed several potential

From https://defuse.ca/audits/encfs.htm
EncFS is probably safe as long as the adversary only gets one copy of the
ciphertext and nothing more. EncFS is not safe if the adversary has the opportunity
to see two or more snapshots of the ciphertext at different times. EncFS attempts
to protect files from malicious modification, but there are serious problems with
this feature.

This might be a problem with Back In Time snapshots.

Use backintime online using onworks.net services

Free Servers & Workstations

Download Windows & Linux apps

  • 1
    Image Downloader
    Image Downloader
    Crawl and download images using
    Selenium Using python3 and PyQt5.
    Supported Search Engine: Google, Bing,
    Baidu. Keywords input from the keyboard
    or input from ...
    Download Image Downloader
  • 2
    Eclipse Tomcat Plugin
    Eclipse Tomcat Plugin
    The Eclipse Tomcat Plugin provides
    simple integration of a tomcat servlet
    container for the development of java
    web applications. You can join us for
    Download Eclipse Tomcat Plugin
  • 3
    WebTorrent Desktop
    WebTorrent Desktop
    WebTorrent Desktop is for streaming
    torrents on Mac, Windows or Linux. It
    connects to both BitTorrent and
    WebTorrent peers. Now there's no
    need to wait for...
    Download WebTorrent Desktop
  • 4
    GenX is a scientific program to refine
    x-ray refelcetivity, neutron
    reflectivity and surface x-ray
    diffraction data using the differential
    evolution algorithm....
    Download GenX
  • 5
    PSPP is a program for statistical
    analysis of sampled data. It is a free
    replacement for the proprietary program
    SPSS. PSPP has both text-based and
    graphical us...
    Download pspp4windows
  • 6
    Git Extensions
    Git Extensions
    Git Extensions is a standalone UI tool
    for managing Git repositories. It also
    integrates with Windows Explorer and
    Microsoft Visual Studio
    (2015/2017/2019). Th...
    Download Git Extensions
  • More »

Linux commands