rsyncrypto looks fine, but still not which we're looking for. Having a complete file updated if a little change happens doesn't bother me. We're performing daily rsync, so not many files can be changed in a day.
The real problem is about space and performance. If you want good performance yo have to sacrifice space, and vice versa. We decided to save space for client. so we copy file by file, crypt it, rsync it, and then delete...a hell for performance, starting a rsync connection for each file. And worst of all, we loose -b functionality, that was really good (having not just a copy of the day before but an extra day)...having a previous version of destination data in a file by file basis is not a god idea. And to have the --delete functionality we need to play a trick at the end with a new rsync passing all directories and --ignore-existing, --ignore-non-existing, --delete, just to have same files in source and destination (thank you very much Matt McCutchen). About duplicity is not a good idea, at least for us. We don't want to have tar directories and such things. Any idea to get the -b funcionality back again and obtain a compromise between space and performance? ------------------------------------------------------------------------------------ On Tue, 4 Mar 2008, david reinares wrote: > It would be greatful to have crypting funcionality added to rsync, appart > from using ssh to crypt transmissions. > > I know this is not the original purpose for rsync, but anyway it's a fact > that many people need (at least i need, I hope I'm not alone) > additional security features for offsite backups, like having the data > crypted at remote, but not at source, so the problem is crypting the data > and then syncronizing it. There are a couple of things which try to do this, eg. duplicity, but none which fully hit the nail on the head. The killing factor for duplicity is that to expire increments you need to do a new full backup. rsyncrypto is probably what comes closest to the goal, it would be ideal though if rdiff-backup was to be combined with rsyncrypto to do it all in one - I personally use a three stage process using tar, rsyncrypto and then rdiff-backup (and then rsync). When rsyncrypto gets working stdin/stdout support then the tar/rsyncrypto stage could be combined into one.
-- To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
