Backup encryption key
Yuval Hager
yuval at avramzon.net
Thu Apr 23 16:40:25 IDT 2009
On Thursday 23 April 2009, Shachar Shemesh wrote:
> Yuval Hager wrote:
> > On Thursday 23 April 2009, Dotan Cohen wrote:
> >>> How do you use the password in an automated backup then?
> >>
> >> Actually, I do not automate it. This is the command that I use to make
> >> the tarball:
> >> $ tar -zcvf - /home/user/ | openssl des3 -salt -k PASSWORD | dd
> >> of=DATE.tbz
> >>
> >> And this one to decrypt it:
> >> $ dd if=DATE.tbz | openssl des3 -d -k PASSWORD | tar zvxf -
> >
> > Well, I was looking for a more streamlined solution. Something that is:
> > 1) automatic
> > 2) offsite (e.g. online)
> > 3) bandwidth and space efficient (due to (2) above)
> > 4) (opt.) encrypted
> > 5) incremental
> >
> > I currently use rdiff-backup, but it does not abide to (3) above. I
> > started looking into duplicity (from the same author), and then thought
> > about description, hence the original post.
>
> http://rsyncrypto.lingnu.com + rsync
>
> Provides 1-5.
>
> Shachar
Thanks. I probably wasn't clear on (5). I would like to be able to go back
in time when I restore. AFAIK, rsync* solutions are mirroring the current
state only, where rdiff-backup and duplicity does allow time travel.
There is still the original question about the key handling, I just wanted
to give a little more context..
--y
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20090423/cf8879a7/attachment.bin>
More information about the Linux-il
mailing list