Crypt backup

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Crypt backup

Miguel Angel Rodriguez-2
Hi,
 
I woul'd store my remote backup encrypted. What can I do ?
 
Thanks.
 
Miguel Angel Rodriguez
 
 
 

_______________________________________________
rdiff-backup-users mailing list at [hidden email]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
Reply | Threaded
Open this post in threaded view
|

Re: Crypt backup

Ben Escoto
>>>>> "Miguel Angel Rodriguez" <[hidden email]>
>>>>> wrote the following on Sun, 29 Jan 2006 10:55:33 +0100
>
> I woul'd store my remote backup encrypted. What can I do ?

If you're just worried about encrypted storing, I guess you could put
your rdiff-backup repository on an encrypted filesystem.

If you want to make sure the server never sees your unencrypted data,
you could use programs specifically written for that, like duplicity
(which I wrote, and still use), hdup, etc.


--
Ben Escoto

_______________________________________________
rdiff-backup-users mailing list at [hidden email]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki

attachment0 (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Crypt backup

Mike Bydalek-3
Ben Escoto wrote:
"Miguel Angel Rodriguez" [hidden email]
wrote the following on Sun, 29 Jan 2006 10:55:33 +0100
            
I woul'd store my remote backup encrypted. What can I do ?
    

If you're just worried about encrypted storing, I guess you could put
your rdiff-backup repository on an encrypted filesystem.
  
This is good for if your server physically gets stolen (which if you have it in a colo, is a *very* rare chance), but otherwise pretty pointless for a good backup solution.
If you want to make sure the server never sees your unencrypted data,
you could use programs specifically written for that, like duplicity
(which I wrote, and still use), hdup, etc.
  

Up until now, I didn't know you wrote Duplicity (very nice product, except for it's age).  For people that wanted secure backups, I used box-backup, but it's extremely cumbersome to restore, so frankly, I don't like it that much.

Duplicity would be the ultimate backup solution, except that the last release was in August of 2003, and wasn't even stable.  I did notice that it did implement some of the rdiff code to get deltas on directories, etc.

A suggestion from someone who desperately wants the security of box-backup, Duplicity, etc. with the functionality of rdiff-backup, would there be a way to implement Duplicity code into rdiff-backup to give the option of storing encrypted?

-Mike

_______________________________________________
rdiff-backup-users mailing list at [hidden email]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
Reply | Threaded
Open this post in threaded view
|

Re: Crypt backup

Chris Wilson-5
Hi Mike,

On Mon, 30 Jan 2006, Mike Bydalek wrote:

> For people that wanted secure backups, I used box-backup, but it's
> extremely cumbersome to restore, so frankly, I don't like it that much.

I'm a Box Backup developer as well as an rdiff-backup user, and I'd be
very interested to know how you found the Box Backup restore cumbersome?
I'd like to work on improving it.

Cheers, Chris.
--
_ ___ __     _
  / __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |



_______________________________________________
rdiff-backup-users mailing list at [hidden email]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
Reply | Threaded
Open this post in threaded view
|

Re: Crypt backup

Ben Escoto
In reply to this post by Mike Bydalek-3
>>>>> Mike Bydalek <[hidden email]>
>>>>> wrote the following on Mon, 30 Jan 2006 08:26:35 -0700

> A suggestion from someone who desperately wants the security of
> box-backup, Duplicity, etc. with the functionality of rdiff-backup,
> would there be a way to implement Duplicity code into rdiff-backup to
> give the option of storing encrypted?

No, not really to my knowledge.  The reverse-diff scheme can work
because the repository side has both the new and old data, and can
compute a new->old diff.  duplicity assumes that the repository is
totally untrusted, so it has neither data in useable form.  The source
side only has the new data and signatures of the old data, so it can
only compute an old->new diff.

There may be some way around this but it would probably be easier just
to keep duplicity up to date.


--
Ben Escoto

_______________________________________________
rdiff-backup-users mailing list at [hidden email]
http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki

attachment0 (196 bytes) Download Attachment