Backup Central

Hi,

I woul'd store my remote backup encrypted. What can I do ?

Thanks.

Miguel Angel Rodriguez

"Miguel Angel Rodriguez" <ma.rodriguez < at > presscargo.com>
wrote the following on Sun, 29 Jan 2006 10:55:33 +0100

I woul'd store my remote backup encrypted. What can I do ?

If you're just worried about encrypted storing, I guess you could put
your rdiff-backup repository on an encrypted filesystem.

If you want to make sure the server never sees your unencrypted data,
you could use programs specifically written for that, like duplicity
(which I wrote, and still use), hdup, etc.


--
Ben Escoto

Ben Escoto wrote: "Miguel Angel Rodriguez" <ma.rodriguez < at > presscargo.com> ([email]ma.rodriguez < at > presscargo.com[/email])
wrote the following on Sun, 29 Jan 2006 10:55:33 +0100
I woul'd store my remote backup encrypted. What can I do ?

If you're just worried about encrypted storing, I guess you could put
your rdiff-backup repository on an encrypted filesystem.
This is good for if your server physically gets stolen (which if you have it in a colo, is a *very* rare chance), but otherwise pretty pointless for a good backup solution.

If you want to make sure the server never sees your unencrypted data,
you could use programs specifically written for that, like duplicity
(which I wrote, and still use), hdup, etc.

Up until now, I didn't know you wrote Duplicity (very nice product, except for it's age). For people that wanted secure backups, I used box-backup, but it's extremely cumbersome to restore, so frankly, I don't like it that much.

Duplicity would be the ultimate backup solution, except that the last release was in August of 2003, and wasn't even stable. I did notice that it did implement some of the rdiff code to get deltas on directories, etc.

A suggestion from someone who desperately wants the security of box-backup, Duplicity, etc. with the functionality of rdiff-backup, would there be a way to implement Duplicity code into rdiff-backup to give the option of storing encrypted?

-Mike

Hi Mike,

On Mon, 30 Jan 2006, Mike Bydalek wrote:

For people that wanted secure backups, I used box-backup, but it's
extremely cumbersome to restore, so frankly, I don't like it that much.

I'm a Box Backup developer as well as an rdiff-backup user, and I'd be
very interested to know how you found the Box Backup restore cumbersome?
I'd like to work on improving it.

Cheers, Chris.
--
_ ___ __ _
/ __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |

Mike Bydalek <mbydalek < at > compunetconsulting.com>
wrote the following on Mon, 30 Jan 2006 08:26:35 -0700

A suggestion from someone who desperately wants the security of
box-backup, Duplicity, etc. with the functionality of rdiff-backup,
would there be a way to implement Duplicity code into rdiff-backup to
give the option of storing encrypted?

No, not really to my knowledge. The reverse-diff scheme can work
because the repository side has both the new and old data, and can
compute a new->old diff. duplicity assumes that the repository is
totally untrusted, so it has neither data in useable form. The source
side only has the new data and signatures of the old data, so it can
only compute an old->new diff.

There may be some way around this but it would probably be easier just
to keep duplicity up to date.


--
Ben Escoto