Hello
Thanks for the program.  Keep up the good work.
If I had one request, it would be to see some third party testing on how
robust the encryption is , particularly if someone at the remote end
could save the daily changes of a given encrypted file and use the
changes to extract the unencrypted file.  With that said I'm sure
rsyncrypto provides enough security for my personal data :)

anyway here is a script i cobbled together to backup and restore my
data. I run it from cron 

Comments are appreciated.  This probably isnt going to word wrap
properly but i didnt want to use an attachment ?

#!/bin/bash


#you need to have generated your encoding keys and have them in the
keys.enc dir
#this command will generate them with the proper filenames and paths for
this script
#mkdir keys.enc;openssl req -nodes -newkey rsa:1536 -x509 -keyout
keys.enc/rckey.key -out keys.enc/rckey.crt

#--- these variables need to be edited for sure ---

# the list of dir's you want to backup.
# spaces in path *may* work if double quoted.  I dont use spaces in
paths
# this script is designed to encrypt and rsync whole directories, not
single files
dir_list_to_encode="/u/my_data/docs /home/user/mail"

# remote machine you are rsync'ing to.
# You need public key authorization or similar so you're not prompted
for a password
[EMAIL PROTECTED]

# the dir on remote host where backup is stored
remote_dir=backup/my_data/encrypted

# set decrypt=yes to retrieve the previously generated remote backup and
decrypt it.
# otherwise script encrypts and will backup to remote host.
# NOTE- when restoring we are assuming you dont have the keyfiles, only
your private key.
# this assumption can be edited around line 52
# Its a good idea to test your backup before you need it :)
decrypt=no
#decrypt=yes

#--- end of variables that need to be edited ---

encrypt_cmd="rsyncrypto -rc --delete"
decrypt_cmd="rsyncrypto -dr"
sync="rsync -az --delete"
key_encode_dir=keys.enc
key_encode_file=rckey.crt
key_private_encode_file=rckey.key
key_files=keys.files

for each in $dir_list_to_encode
        do dir_source_plain=$each
        # remove leading / , replace rest of them with .
        stripped_src_dir=$(echo $dir_source_plain | sed -e 'sz^/zz'|sed
-e 'sz/z.zg')
        key_files_subdir=$stripped_src_dir
        dir_encrypted=${stripped_src_dir}.enc
        dir_decoded=${stripped_src_dir}.dec
        name_encrypt="--name-encrypt=
$key_files/$key_files_subdir/${stripped_src_dir}.map"

        if [ ${decrypt:-no} == "yes" ]
        then
        $sync ${remote_machine}:${remote_dir}/$dir_encrypted .
        # since we are restoring your backup , lets assume you dont have
the keyfiles, but do have your private key
        # If you do have your keyfiles, comment out the next line and
uncomment the 2nd line down
        $decrypt_cmd $name_encrypt $dir_encrypted $dir_decoded
keys.retrieved/$key_files_subdir
$key_encode_dir/$key_private_encode_file
        #$decrypt_cmd $name_encrypt $dir_encrypted $dir_decoded
$key_files/$key_files_subdir $key_encode_dir/$key_encode_file

        else
        $encrypt_cmd $name_encrypt $dir_source_plain $dir_encrypted
$key_files/$key_files_subdir $key_encode_dir/$key_encode_file
        $sync $dir_encrypted  ${remote_machine}:${remote_dir}
        fi
done




-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Rsyncrypto-devel mailing list
Rsyncrypto-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel

Reply via email to