Hello everyone.
I have been interested in starting to self-host, and I have just been able to set up the first useful thing for myself (apart from a PiHole that I have running).
Since I am very afraid of making security mistakes, I would like to get feedback from you on whether my setup is secure or not.
The simple use case: I want to be able to back up files from my main computer to a hard disk, without having the hard disk attached to my main computer.
The setup:
- A Raspberry Pi 4 running Raspberry Pi OS Lite (64-bit).
- The Raspberry Pi can only be accessed via `ed25519` key.
- I configured a firewall on the Raspberry Pi with `ufw` to allow only traffic from the local subnet.
- I then use `sshfs` to mount the hard disk connected with the Raspberry Pi to my main computer.
- I plan to use `rsync` to back up my files.
Now I need your help: how secure is this setup? Did I make any major mistake? Is there something I could do better?
I’d be happy to get some feedback… 🙂
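
An added example, not part of the original post: a shell check that the two access controls described above (key-only SSH and a subnet-only firewall) are what the Pi actually enforces. The function names `audit_sshd` and `audit_ufw`, the `192.168.1.0/24` subnet and the sample input are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the thread. Both functions read command output on
# stdin: feed them `sudo sshd -T` and `sudo ufw status` on the Pi.

# Returns 0 only if public-key login is the sole enabled method.
audit_sshd() {
    awk '
        $1 == "passwordauthentication" && $2 != "no" {
            print "WEAK: password login enabled"; bad = 1 }
        ($1 == "kbdinteractiveauthentication" ||
         $1 == "challengeresponseauthentication") && $2 != "no" {
            print "WEAK: keyboard-interactive login enabled"; bad = 1 }
        $1 == "pubkeyauthentication" {
            seen = 1
            if ($2 != "yes") { print "WEAK: public-key login disabled"; bad = 1 } }
        END {
            if (!seen) { print "ERROR: not sshd -T output"; bad = 1 }
            exit bad + 0 }'
}

# Returns 0 only if ufw is active and no ALLOW rule has "Anywhere" as source.
# A rule like "Anywhere ALLOW 192.168.1.0/24" (any port, local subnet) passes.
audit_ufw() {
    awk '
        /^Status: active/ { active = 1 }
        /ALLOW( IN)?[ \t]+Anywhere/ { print "WEAK: open to any source: " $0; bad = 1 }
        END {
            if (!active) { print "WEAK: ufw is not active"; bad = 1 }
            exit bad + 0 }'
}

# Constructed sample input (not captured from a real host).
SAMPLE_SSHD='pubkeyauthentication yes
passwordauthentication yes
kbdinteractiveauthentication no'
SAMPLE_UFW='Status: active

To                         Action      From
--                         ------      ----
Anywhere                   ALLOW       192.168.1.0/24
22/tcp                     ALLOW       Anywhere'

printf '%s\n' "$SAMPLE_SSHD" | audit_sshd || echo "sshd: needs attention"
printf '%s\n' "$SAMPLE_UFW"  | audit_ufw  || echo "ufw: needs attention"
```

On the Pi itself the same functions can be run as `sudo sshd -T | audit_sshd` and `sudo ufw status | audit_ufw`.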


Look into Borg backup: you will get encrypted backups you can send over ssh, it will be faster, and you get deduplication.
https://torsion.org/borgmatic/ is nice for running a regular manual or automated Borg backup.
https://apps.gnome.org/en-GB/PikaBackup/ is also pretty neat if you want to clicky backup data as a user.
Both are common in package repos. And there’s probably even more, but I’ll mention those two just to point out that you don’t have to script the raw Borg if you don’t want to.
…and you get restoration verifications.