Re: Secure backup on remote untrusted server over slow line?

From: Iwo Mergler (Iwo.mergler@soton.sc.philips.com)
Date: 06/13/02 

Date: Thu, 13 Jun 2002 15:01:38 +0100
From: Iwo Mergler <Iwo.mergler@soton.sc.philips.com>

"Brian C. Lane" wrote:
>
> On Wed, 12 Jun 2002 16:31:58 +0200
> Preben Bohn <preben_bohn@yahoo.com> wrote:
>
> > Hi all, I hope the subject says it all... :-)
> >
> > If not, here's my problem, I really hope someone can help me:
> >
> > I want to backup my linux server (~10GB data) on a remote server over a
> > slow line (~200 kbps). I only need a snapshot at say 1 days interval.
> > The changes to the server data are relatively small so an incremental
> > scheme is the way to go (and with 10GB over 200 kbps it is the only way
> > :)).
> >
> > The problem is that the remote server is "public" available, so I need
> > to encrypt the data somehow. Does anyone have any good ideas to how I
> > can accomplish this?
> >
>
> On your secure system write a find backup script (I used to have one before I switched to using rsync for backups) that finds all the changed files (compared with a timestamped file you create after each backup) and copies them into a new filesystem tree. Use apio to compress and archive the tree (apio is better than tar because it compresses individual files, a corrupt byte won't hose the whole archive). Then use gpg to encrypt the compressed file to you (use a throw-away gpg key, not your normal one, a
> s the source key for the encryption. Its the destination key that matters). Then transfer the compressed, encrypted file over to the untrusted system.

Isn't this a bit over the top? His particular system has the
advantage that encryption and decryption happen in the same
place, so a private/public key encryption is not needed.

Kind regards,

Iwo

Relevant Pages