Greg Freemyer wrote:
That sounds clever. But I don't understand why it is not secure to use encfs directly on the third party remote server (assuming that it is available of course)? Something like this (sorry this is from a Windows client hence use of plink and unusual escapes):I use rdiff-backup to a local encfs directory. Then I do a rsync of the encrypted version of the encfs directory to a third party location.It is working fine so far. Admittedly my only restores from the remote site have been tests. ie. It is for disaster recovery purposes only. I use the local rdiff-backup copy for normal data recovery needs. My idea is that this will first mount the encrypted directory (~/archives-enc/) so that it can be read and written to unencrypted (as ~/archives/), then run rdiff-backup into this directory, then unmount so that thereafter the data can only be seen encrypted - unless you have the password.rdiff-backup --remote-schema "plink.exe -ssh -i mykey.ppk %s echo ""S3cr3tP4s5w0rd""^| encfs -S ~/archives-enc/ ~/archives/; rdiff-backup --server; fusermount -u ~/archives/" "C:/Documents and Settings/Dominic/My Documents" u...@server::~/archives/mydocs; Of course this way we have sent the password to the remote server, but we have done so using ssh and I don't think this can be sniffed or found by the server's system administrator (it is not saved in .bash_history) - or can it be? Regards Dominic |
_______________________________________________ rdiff-backup-users mailing list at [email protected] http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
