Hello, śr., 14 sie 2019 o 13:41 Josh Fisher <jfis...@pvct.com> napisał(a):
> > On 8/14/2019 6:22 AM, Radosław Korzeniewski wrote: > > Hello, > > niedz., 11 sie 2019 o 14:35 Lauri Kiiski <lauri.kii...@iki.fi> napisał(a): > > >> >> - Encrypt disks on the machines having these components: File Daemon, >> Director, Catalog, Storage Daemon, Physical Media >> > > Eeeee, I do not understand. What do you want to keep secret? > > Did you know that a double encryption does not increase the security level? > > > > That is a bit inaccurate. It is equivalent to increasing the key size by > one bit. It has been used before, as in the case of 3DES (triple DES). DES > used a 56-bit key and eventually could be broken by brute force on a simple > PC, so as a stop-gap they applied the same 56-bit key algorithm tree times, > so increased the effective key size from 2^56 to 2^58. So it generally > isn't worth it, but it does increase security a little bit. > OK, it increases security a little bit. :) It is a very small amount, so it could be safely ignored. :) > I think, though, that Lauri is referring to encrypt the metadata that is > stored unencrypted in a disk volume by somehow encrypting the whole disk. > This is a main point! When he encrypt the whole filesystem then it is useless (and time consuming) to double encrypt backup data with Bacula. best regards -- Radosław Korzeniewski rados...@korzeniewski.net
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
