On Jan 16, 2008, at 19:02 , Toomas Aas wrote:
Johan Ström wrote:
My main problem with existing solutions is this "gap" of
encryption on the backup server side. I dont want it to be
readable outside of my box (without encryption keys ofcourse), so
as soon as I send it of from my box I want it to be encrypted over
the link, and down on the disk. Not decrypted on the remote box,
to then be encrypted again (with keys available on that box) and
then stored to disk. That would allow any users of that box (yes
sure you can have file permissions but lets assume someone else
have root access there) to read my files.
Simple Example:
I create regular tarball (gziped maybee) with some files i want to
backup, Then i encrypt this file with ie gpg. Then i send of this
file using some unspecified network protocol to the storage server.
Encrypted all the way, from my end to the remote disk..
The downside is that it is a static file.. not a "dynamic
filesystem", nothing I can mount and have easy access to
individual files from. *Thats* what I'm looking for.
As a long-time user of Amanda and regular lurker on their mailing
list, I've noticed that latest versions of Amanda have encryption
capabilities. They seem to fit your needs in that encryption can be
performed entirely on the backup client ("your box") side if one
opts to set things up that way.
I haven't used encryption with Amanda myself so this is just what
I've heard on the list and read from the wiki just now:
http://wiki.zmanda.com/index.php/How_To:Set_up_data_encryption
As for the ease of restore, it's not quite *that* easy, i.e. you
can't just transparently mount the backup as a filesystem and copy
files from there. Amanda has a command-line-ftp-like recovery
interface, where you can specify which files/subdirectories and
from which date you want recovered. It's been easy enough for me.
Looked through that page, seems like pretty much work right now. And
I looked through the amanda docs, and I got to say, when calling
themselfs "Amanda is the world's most popular Open Source Backup and
Archiving software." one would expect somewhat better docs.. hehe.
Anyway, I will look more into the ggated suggestion from another post
before digging deeper into amanda :)
--
Johan_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
