Joshua Hutchins wrote:
Hello all- We've recently started backing up our AFS volumes to tape. However, we would like to encrypt our tapes (some of them will be going off-site, and we want to protect our data). I haven't found any way to specify encryption directly to OpenAFS, and there doesn't seem to be any transparent encryption layer we can use for tapes (we're running Linux). We looked into amanda-afs because we can get amanda to do encryption, but amanda-afs seems rather outdated and unmainted.Has anyone tried to use encryption and come up with a solution?
AFS does not currently support encrypted volume dumps. From my wishlist:"The model used by many organizations for backups is offline storage of volume dumps. The groups responsible for storing the dumps should not have access to the contents of the dumps. Even a simple encryption using the existing AF Skey would be better than nothing although a more sophisticated key management solution for generating dumps for backups and later restoration would be desirable."
If this is a project that your organization would be interested in funding, please contact Secure Endpoints privately.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
