Backup encryption key

Wed Apr 29 23:18:11 IDT 2009

בThursday 23 April 2009, נכתב על ידי Yuval Hager:
> On Thursday 23 April 2009, Shachar Shemesh wrote:
> > I should point out one huge disadvantage of storing binary diffs when
> > using encrypted systems. There is no (practical) way to erase old
> > backups. Your backup storage size is bound to be ever increasing. This
> > is because the only way to create a new complete snapshot (i.e. - a
> > non-incremental backup) is to retransmit the entire backup data.
> > Because the remote side is encrypted, you cannot use it to expand the
> > image remotely.
>
> I have not given as much thought as you to the details here, but if I
> read the man page correctly, duplicity does allow to --remove-older-than.
> I am not sure how that works though.
>

I've continued to read on that - as long as you have at least one full 
backup, you can deleted earlier backups (which is quite obvious). ‎‎The 
main reason I am using rdiff-backup is that I can delete backups older than 
a certain time, as much as I like, without ever running a full backup 
besides the initial backup. The only limitation is that the data is not 
compressed nor encrypted on the destination.

-- 
yuval
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20090429/275fe5ac/attachment.bin>