On 12/11/05, Josef Wolf <[EMAIL PROTECTED]> wrote: > On Sat, Dec 10, 2005 at 09:12:49AM -0800, Kevin Till wrote: > > > I have added a dumptype option, "encrypt". > > Great! Thanks for your afford to bring encryption into amanda's core. > > I have not taken a close look on it yet. From the description, I have the > impression that this solution is based on symmetric encryption. I don't > think this is a good idea. Having the passphrase lying around on all > your clients[1] is a big weakness, IMHO. It would be better to encrypt > with a public key. The private key and the passprase should be locked > away to a safe place. They should be needed only for desaster-recovery. > > [1] You need client-side encryption if you don't want your data flowing > unencrypted over the network.
You can use ssh for server/client communication and server side data encryption. Paddy > > -- > No software patents in Europe -- http://nosoftwarepatents.com > -- Josef Wolf -- [EMAIL PROTECTED] -- > -- Amanda documentation: http://wiki.zmanda.com Amanda forums: http://forums.zmanda.com
