* David Tomaschik <[email protected]> [110213 19:15]:
> On 02/13/2011 09:32 PM, John Magolske wrote:
> > I'd like to create encrypted backups onto a remote server [...]
> >
> > (A) Simple mirror:
> >
> > % sudo mount -t ecryptfs /drive/encrypt /drive/decrypt
> > % rsync -av --delete /home/john /drive/decrypt
> > % sudo umount -i /drive/decrypt
> > % rsync -av --delete -e ssh /drive/encrypt [email protected]:/backup
> >
> > (B) Mirror with increments using rdiff-backup:
> >
> > % sudo mount -t ecryptfs /drive/encrypt /drive/decrypt
> > % rdiff-backup /home/john /drive/decrypt
> > % sudo umount -i /drive/decrypt
> > % rsync -av --delete -e ssh /drive/encrypt [email protected]:/backup
> >
> > (C) Use sshfs to mount the remote encrypted backup & decrypt it locally:
> >
> > % sshfs [email protected]:backup /remote-encrypt
> > % sudo mount -t ecryptfs /remote-encrypt /remote-decrypt
> > % cd /remote-decrypt
>
> If you're not already encrypting locally, why not consider something
> like duplicity that specializes in encrypted backup? It can do
> incrementals as well.
I had initially considered duplicity, but then decided against it.
Because it keeps a mirror + forward diffs, any corruption of a diff
causes the loss of all backups occurring after that diff. I've
heard stories of people loosing backups in this way...not sure how
likely that is, but the reverse diff approach of rdiff-backup sounds
better (corruption of a diff = loss of all backups prior to it). My
understanding of duplicity is that it requires a periodic full backup.
For a 200GB directory, this could be problematic in terms of time and
monetary cost of bandwidth. Also, if the process hangs, apparently
there is no way to resume an interrupted backup [1]. And pulling files
from the remote backup would require restoring the entire directory
first, again a big bandwidth hit. That's why I was hoping scenario C
above might work (mount with sshfs & decrypt locally).
[1] #536361 - duplicity: no way to resume an interrupted backup
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=536361
Regards,
John
--
John Magolske
http://B79.net/contact
_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs-users
Post to : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs-users
More help : https://help.launchpad.net/ListHelp
