Hi Shachar, sorry for the late response.
On Fri, 15 Jun 2012 17:01:51 +0300 Shachar Shemesh <shac...@shemesh.biz> wrote: > On 06/15/2012 12:48 PM, Shlomi Fish wrote: > > Hi all, > > > > thanks for rsyncrypto. > you are welcome. > > > > I've become interested in it because I recently decided to use remote > > backups on http://rsync.net/ and want to keep my backups' secure. The first > > thing I wanted to note is that as of the latest release of rsyncrypto > > (1.12), > > the man page reads "fro stdin" instead of "from stdin". I saw this is fixed > > in > > the Subversion repository, so isn’t it time for a new release? > The subversion contains some fairly major changes which I have not had > the time to complete. I will release when they are ready. Hopefully, > I'll have more time for rsyncrypto soon. I see, thanks for the heads’ up. > > Otherwise I wanted to ask a question: what I want to do is have the encoded > > data encrypted by a password, which I enter for encrypting and for > > decrypting, so that I can still unpack/decode it if I just have access to > > the > > encoded data. How can this be achieved while still making the encoded data > > rsync-friendly? Does rsyncrypto support something like that? Should I look > > for > > something else? > Rsyncrypto uses a public/private key as the master encryption key, with > each file being encrypted using a symmetrical (AES) key. While it is > possible to produce an (insecure) symmetrical key from a password, no > such method exists for public keys. As such, no, rsyncrypto does not > support this mode of use. OK. > > But despair not. You can achieve the equivalent level of security by > encrypting your private key with a password, and storing it using the > same provider you store your actual data. At this point in time > rsyncrypto does not support decrypting from password protected RSA keys, > but such support can be, fairly easily, added. Otherwise, in case of > catastrophe, you can simply pull your encrypted key and decrypt is locally. > Thanks! I think that is also what Harold suggested. BTW, do you think it would be possible to write an --rsyncable patch for xz instead of gzip (see http://tukaani.org/xz/ ; http://en.wikipedia.org/wiki/Xz ) in order to achieve better compression (and as a result faster uploads/downloads) and to adapt rsyncrypto to it? Regards, Shlomi Fish -- ----------------------------------------------------------------- Shlomi Fish http://www.shlomifish.org/ http://www.shlomifish.org/humour/ways_to_do_it.html We don’t know his cellphone number, and even if we did, we would tell you that we didn’t know it. Please reply to list if it's a mailing list post - http://shlom.in/reply . ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Rsyncrypto-devel mailing list Rsyncrypto-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
