Hello
Thanks for the program. Keep up the good work.
If I had one request, it would be to see some third party testing on how
robust the encryption is , particularly if someone at the remote end
could save the daily changes of a given encrypted file and use the
changes to extract the unencrypted file. With that said I'm sure
rsyncrypto provides enough security for my personal data :)
anyway here is a script i cobbled together to backup and restore my
data. I run it from cron
Comments are appreciated. This probably isnt going to word wrap
properly but i didnt want to use an attachment ?
#!/bin/bash
#you need to have generated your encoding keys and have them in the
keys.enc dir
#this command will generate them with the proper filenames and paths for
this script
#mkdir keys.enc;openssl req -nodes -newkey rsa:1536 -x509 -keyout
keys.enc/rckey.key -out keys.enc/rckey.crt
#--- these variables need to be edited for sure ---
# the list of dir's you want to backup.
# spaces in path *may* work if double quoted. I dont use spaces in
paths
# this script is designed to encrypt and rsync whole directories, not
single files
dir_list_to_encode="/u/my_data/docs /home/user/mail"
# remote machine you are rsync'ing to.
# You need public key authorization or similar so you're not prompted
for a password
[EMAIL PROTECTED]
# the dir on remote host where backup is stored
remote_dir=backup/my_data/encrypted
# set decrypt=yes to retrieve the previously generated remote backup and
decrypt it.
# otherwise script encrypts and will backup to remote host.
# NOTE- when restoring we are assuming you dont have the keyfiles, only
your private key.
# this assumption can be edited around line 52
# Its a good idea to test your backup before you need it :)
decrypt=no
#decrypt=yes
#--- end of variables that need to be edited ---
encrypt_cmd="rsyncrypto -rc --delete"
decrypt_cmd="rsyncrypto -dr"
sync="rsync -az --delete"
key_encode_dir=keys.enc
key_encode_file=rckey.crt
key_private_encode_file=rckey.key
key_files=keys.files
for each in $dir_list_to_encode
do dir_source_plain=$each
# remove leading / , replace rest of them with .
stripped_src_dir=$(echo $dir_source_plain | sed -e 'sz^/zz'|sed
-e 'sz/z.zg')
key_files_subdir=$stripped_src_dir
dir_encrypted=${stripped_src_dir}.enc
dir_decoded=${stripped_src_dir}.dec
name_encrypt="--name-encrypt=
$key_files/$key_files_subdir/${stripped_src_dir}.map"
if [ ${decrypt:-no} == "yes" ]
then
$sync ${remote_machine}:${remote_dir}/$dir_encrypted .
# since we are restoring your backup , lets assume you dont have
the keyfiles, but do have your private key
# If you do have your keyfiles, comment out the next line and
uncomment the 2nd line down
$decrypt_cmd $name_encrypt $dir_encrypted $dir_decoded
keys.retrieved/$key_files_subdir
$key_encode_dir/$key_private_encode_file
#$decrypt_cmd $name_encrypt $dir_encrypted $dir_decoded
$key_files/$key_files_subdir $key_encode_dir/$key_encode_file
else
$encrypt_cmd $name_encrypt $dir_source_plain $dir_encrypted
$key_files/$key_files_subdir $key_encode_dir/$key_encode_file
$sync $dir_encrypted ${remote_machine}:${remote_dir}
fi
done
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Rsyncrypto-devel mailing list
Rsyncrypto-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
