>>>>> On Fri, 14 Jul 2006 12:20:20 +0300, Silver Salonen said: > > Hi all. > > I've thought-read about backups' security and have concluded that backups > must > be encrypted and decided to do so. It would be good if backups were encrypted > with client's public key (that would ensure client's data's confidentiality), > but I think they should be placed on encrypted partition also, so that any > data couldn't be read without a password (in case an intruder stole the > backup-server as well as client's certificates). > > As I'm using FreeBSD, I've read a nice document about encrypting FreeBSD > disks > (http://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf). > > I've thought that it would really be sufficient and easier (to maintain > server from distance) if only essential partitions were encrypted. > > So here's the question: which partitions are to be considered confidental > from > Bacula's point of view? > > I'm suggesting these would be backup-data (e.g. /mnt/backup) and /tmp? Or is > Bacula designed the way that it doesn't use any temporary files thus > encrypting only backup-data's partition would be enough?
Bacula writes all temporary files to its configured Working Directory. You might also need to consider the catalog database. __Martin ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
