I rdiff backup everything onto a LUKS encrypted file system.
Because the same problem applies to ssh keys, leave them lying
around on a portable drive...?
The LUKS file system needs a very long password to mount (which can
be changed at any time).
Normally the drive is umounted and a script is run to mount only for
duration of backup.
See cryptsetup.
Rdiff-backup is a program not a backup system, something like
backupninja can be placed in front of it to run scripts, scheduling etc.
Regards
Gavin
--
www.cloudcmms.com <http://www.cloudcmms.com>
www.gnumims.org <http://www.gnumims.org>
www.kromhouts.net <http://www.kromhouts.net>
Babies need a certain amount of random input data to develop.
On 11/12/13 19:19, Øyvind Skaar wrote:
On 09/12/2013 16:48, Grant wrote:
I was planning to back up my Bitcoin wallet (private key) along with
the rest of my system backups which are versioned by rdiff-backup.
However, it occurred to me that if the password with which my wallet
is encrypted is deemed non-secure at some point and I change that
password, the rdiff-backup repository will still contain the private
key encrypted with the non-secure password.
Yes, backing up sensitive data is hard =)
Just a few thoughts:
- The bitcoin wallet doesn't change, so there's no need to back
it up
every day. The easiest is probably to exclude it from your normal
backup, as Dominic suggested, and just copy it separately.
- If you think your wallet might be compromised in any way, it's
probably best to make a new wallet and transfer all your bitcoins.
(If you "lost" your password, how do you know they didn't get your
key as well?)
Regards,
Øyvind Skaar
_______________________________________________
rdiff-backup-users mailing list at rdiff-backup-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/rdiff-backup-users
Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
