[sf-lug] New Open Source Software Proposal

Alex Kleider a_kleider at yahoo.com
Mon Mar 15 15:36:16 PDT 2010

My suggestion is to use enc-fs on the local (to be backed up) machine so an encrypted version of the backup source is already available. Then when it comes time to do backup, use the encrypted version and send it over to the destination directory. 
The one 'gotcha' that I  see is that to reconstitute, one needs not only the encrypted file and the passphrase, but also the ".encfs5" control file at the top level of the raw encfs filesystem.  I don't know if rsync transfers hidden files but you wouldn't want to be left without it. 

Using this approach, nothing 'new' needs to be written.


--- On Mon, 3/15/10, David Hinkle <hinkle at cipafilter.com> wrote:

From: David Hinkle <hinkle at cipafilter.com>
Subject: [sf-lug] New Open Source Software Proposal
To: "sf-lug at linuxmafia.com" <sf-lug at linuxmafia.com>
Date: Monday, March 15, 2010, 11:32 AM


David Rosenstrauch, Alex and I have been talking back and
fourth about how to get what is probably a pretty standard scenario accomplished
with open source tools.   We can’t seem to find any pile of
software that can make it happen, so I was thinking of writing it.  
First I want to solicit some feedback on my idea. 


The plan would be an rsync replacement.   
Instead of syncing local files to a remote fileserver over ssh,  it would
instead break the local files into chunks, independently encrypt each chunk,
and sync those chunks over.   The chunks could be stored in a sqllight
database along with the checksum of the original unencrypted contents of each
chunk and the checksum of the unencrypted file.   We would key these
chunks based on the encrypted filename. 


If we save the data in this manner, on subsequent backups,
the client can ask for a list of checksums, compare those checksums to local
files, and then transmit any chunks of those local files that may have been


This would means we should be able to get rsync like
performance backing up to an encrypted datastore on a remote server that has no
knowledge of the encryption key.   We would also get the awesome ease
of use of rsync over ssh.   Any server you have shell access to and
that you can upload files to you could use as a safe remote repository for your


What do you guys think?  Usefull? Not usefull? 
Would you use it? 





-----Inline Attachment Follows-----

sf-lug mailing list
sf-lug at linuxmafia.com
Information about SF-LUG is at http://www.sf-lug.org/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/sf-lug/attachments/20100315/27d600e8/attachment.html>

More information about the sf-lug mailing list