"Edward Ned Harvey (rdiff-backup)" <rdiff-bac...@nedharvey.com> writes:
>> From: rdiff-backup-users-bounces+rdiff- >> backup=nedharvey....@nongnu.org [mailto:rdiff-backup-users- >> bounces+rdiff-backup=nedharvey....@nongnu.org] On Behalf Of Grant >> >> I'm struggling to devise an incremental, automated backup scheme that >> remotely and securely backs up data from one system to another, >> preserves permissions and ownership, and keeps the backups safe even >> if the backed-up system is compromised. Would the following work? > > What are you calling "compromised?" Because the proposed solution you > mentioned didn't even mention encryption. So I guess you must be > saying "compromised" when you're really talking about the backup > system being damaged or otherwise suffering data integrity failure. > > Either way, the answer is, "you can't, with anything, ever." > > If you are talking about security compromised, then all you can do is > encrypt data before it leaves original server, and run integrity > checks on it. You'll keep your data private, even on a compromised > system, but you'll be subject to tampering. You'll be able to detect > tampering, but you will not be able to recover. > > If you are talking about integrity compromised, on both your original > and backup systems... Well ... Then the data integrity was > compromised on both your original and backup copies. Sorry, nothing > can protect you from that, except having more redundant copies. I think the OP was talking about client with data to be backed up server to store backups at some point, *client* is compromised the desired security property is for the client not to be able to modify/delete the backups that happened before the compromise _______________________________________________ rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/rdiff-backup-users Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
