Backup encryption key
Shachar Shemesh
shachar at shemesh.biz
Wed Apr 29 23:41:42 IDT 2009
Yuval Hager wrote:
> בThursday 23 April 2009, נכתב על ידי Yuval Hager:
>
>> On Thursday 23 April 2009, Shachar Shemesh wrote:
>>
>>> I should point out one huge disadvantage of storing binary diffs when
>>> using encrypted systems. There is no (practical) way to erase old
>>> backups. Your backup storage size is bound to be ever increasing. This
>>> is because the only way to create a new complete snapshot (i.e. - a
>>> non-incremental backup) is to retransmit the entire backup data.
>>> Because the remote side is encrypted, you cannot use it to expand the
>>> image remotely.
>>>
>> I have not given as much thought as you to the details here, but if I
>> read the man page correctly, duplicity does allow to --remove-older-than.
>> I am not sure how that works though.
>>
>>
>
> I've continued to read on that - as long as you have at least one full
> backup, you can deleted earlier backups (which is quite obvious). The
> main reason I am using rdiff-backup is that I can delete backups older than
> a certain time, as much as I like, without ever running a full backup
> besides the initial backup. The only limitation is that the data is not
> compressed nor encrypted on the destination.
>
>
And with rsyncrypto+rsync, you can do all that AND have them encrypted
and compressed.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20090429/ec8fa645/attachment.html>
More information about the Linux-il
mailing list