Hi all. I've thought-read about backups' security and have concluded that backups must be encrypted and decided to do so. It would be good if backups were encrypted with client's public key (that would ensure client's data's confidentiality), but I think they should be placed on encrypted partition also, so that any data couldn't be read without a password (in case an intruder stole the backup-server as well as client's certificates).
As I'm using FreeBSD, I've read a nice document about encrypting FreeBSD disks (http://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf). I've thought that it would really be sufficient and easier (to maintain server from distance) if only essential partitions were encrypted. So here's the question: which partitions are to be considered confidental from Bacula's point of view? I'm suggesting these would be backup-data (e.g. /mnt/backup) and /tmp? Or is Bacula designed the way that it doesn't use any temporary files thus encrypting only backup-data's partition would be enough? Silver ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
