On 4/27/07, Carlos E. R. <[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Friday 2007-04-27 at 07:09 -0400, Greg Freemyer wrote:
> > that we crypt-mount locally on our system and then do a
> > dirvish-backup into that
> >
locally-crypt-mounted-filesystem-in-file-on-NFS-mounted-directory-over-VPN-on-untrusted-host.
> > Yep, that's a mouth full. :-)
>
> I'm experimenting with a similar need via rdiff-backup.
>
> I have my local rdiff-backup copies stored into encfs filesystems.
> Then I rsync the raw (encrypted) filesystem offsite to a hosted server
> every night.
I guess that your way you have to transmitt more data than his way: rsync
will not be as eficient on the raw fs. It would be interesting to measure,
with the same data sets.
Why?
I don't know the details of encfs, but most encrypting filesystems do
it one block of data at a time. If the block is a sector (or even
4K), I would be a little surprised if rsync sends much data that is
smaller than a sector at a time anyway.
Or is rsync smart enough to recognise an insertion of data?
With encfs, I would guess that all the data after the insertion will
be encrypted totally different than it was prior to the insertion.
ie. If I have a simple text doc and I insert a couple words, encfs
will encrypt everything after those words differently than the
original because of the way the text will overlay the on disk blocks.
Greg
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
