On Sunday 30 September 2007 16:43, Ross Boylan wrote: > On Sat, 2007-09-29 at 23:09 -0700, Landon Fuller wrote: > > > Does on-disk encryption depend on openssl? > > > > No -- it uses portable DER-encoded ASN.1 format, with RSA and AES > > encryption. It should be possible (and indeed, such was the intent) > > to decrypt these backups with any full-featured crypto library. > > That's good news. I was thrown by section 42.1, "Bulding Bacula with > Encryption Support" which says to use ./configure --with-openssl to > configure encryption (this is in the chapter on data encryption). > > Does the on-disk encryption just happen to be controlled by the same > switch that activates openssl? Or will on disk encryption work even > without that config option (the latter would be good news to me, since I > wouldn't need to rebuild the Debian package to get it).
For both comm encryption and data encryption to be enabled, you must configure with --with-openssl. Older versions of Debian packaged Bacula did include OpenSSL support and hence comm and data encryption. However, I am not sure what the very latest versions do. > > Thanks for the info. It's also very good news about the licensing. Yes, but getting to where we can change the license has already created one bug (now fixed) and could well create more when *all* the new code goes into production. I released part of the new code in 2.2.4. It is too bad we were not aware of these subtle licensing constraints a few years ago when Landon and I agreed on what encryption package to use. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Bacula-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/bacula-devel
