Win Htin wrote: > On Jan 22, 2008 9:39 AM, Dan Langille <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Win Htin wrote: > > Hi folks, > > > > Is there a way to implement file backups so that I can proof the > files > > were signed and not tampered with? For example, if a customer > claims a > > certain trade never happened, I can refute the claim by saying "my > > backup files says otherwise" and stand behind my statement. As of > now, > > I'm using SHA1 signature in my FileSet definition. I am not sure > if this > > is good enough or if it is even the appropriate solution. Your > input is > > much appreciated. > > You may be interested in encryption. bacula-fd can encrypt the file as > it leaves the client. It can also be signed. > > This just proves what the file was before it left the client. It does > not do anything about tampering with the file before it left the client. > > You may want to look into signing the file as it is created instead.
> Dan, > > Thanks for your input. > > When you say "signing the file as it is created" do you mean an > implementation outside of Bacula's? That's how I understood. Thanks. Yes. I think what you want to do is best done outside of Bacula, by the application that creates the file in the first place. Have the application sign the file with the users key. -- Dan Langille BSDCan - The Technical BSD Conference : http://www.bsdcan.org/ PGCon - The PostgreSQL Conference: http://www.pgcon.org/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
