[sf-lug] Linux backup software .. that meets unique requirements
hinkle at cipafilter.com
Thu Mar 11 11:38:05 PST 2010
The primary technical hurdle you face here is that good encryption by definition is going to change the entire output file for any minor change in the input file. That means if you encrypt localy then use rsync or a similar algorithm to transmit you must transmit any changed file in it's entirety. If you have many small files, each independently encrypted this might be fine.
If you encrypt at the remote end, (even if you use an SSH transport for intermediary) you get to make best used of the rsync algorithm by only transmitting changes, but you loose perfect secrecy because the remote end could theoretically intercept your un-encrypted data after decrypting from the tunnel but before encrypting to the disk.
You have a couple options, which one is best depends on how important your perfect secrecy is to you, and what your files look like. Can you tell us more about the scenario? I've got a great deal of experience with rsync based backup solutions so I can probably help you out. You can implement either of the above with a good script.
From: sf-lug-bounces at linuxmafia.com [mailto:sf-lug-bounces at linuxmafia.com] On Behalf Of David Rosenstrauch
Sent: Thursday, March 11, 2010 1:17 PM
Subject: [sf-lug] Linux backup software .. that meets unique requirements
Trying to find linux backup software that meets what apparently is a
unique set of requirements. I've checked out all the major backup apps
(backuppc, duplicity, bacula, drop.io, etc.) but none of them seem to
meet all of my requirements. Anyone here know of one that does? Here's
what I'm looking for:
1) Backs up efficiently. e.g., uses rsync algorithm or similar so as to
not repeatedly backup/store files that haven't changed.
2) Transmission of backups is encrypted.
3) Storage of backups is encrypted.
4) Can back up to offsite/remote file system.
5) Can back up to any old plain vanilla sftp/rsync-accessible remote
file system. (Reason behind this requirement is that I already have
access to a large amount of (non-encrypted) space for backups, and don't
want to pay extra for another service.)
6) Does not require that you periodically take the network i/o storage
hit of making a new full backup. (This is not an option, as what the
data I want to back up is getting large, and I only want to do it once.)
For some reason it's impossible to find something that fits all of the
* backuppc and rsyn don't satisfy #3.
* duplicity doesn't satisfy #6.
* drop.io and bacula don't satisfy #5.
Anyone have any suggestions here? I'm actually on the verge of writing
my own backup software to do this, but I'd *really* like to avoid that
unless there's no other choice.
sf-lug mailing list
sf-lug at linuxmafia.com
Information about SF-LUG is at http://www.sf-lug.org/
More information about the sf-lug