I too have a little bit of experience with backups, and agree with the
notion of beer and a general get together sometime in the
not-too-distant future---

Indeed, choosing a backup system depends on what you want to
accomplish, and the 3-2-1 rule is a good one to keep in mind! Good

I also like to think about data remanence and media longevity. DVD-+Rs
and CDRs are very poor choices these days, but when you dig into
flash, you may not trust that USB stick or SSD as much anymore
either...see: https://www.bunniestudios.com/blog/?page_id=1022 and
reports on running linux on the usb flash controller chip itself...
see badUSB for more on that line of thinking... anyway... I digress.

On the encryption front:

At this time, for those who need it, I generally recommend whole-disk
encryption with LUKS, including the boot partition as Grub now
understands LUKS, and has for some time now.

Like backups, this too really depends on your threat model. It is wise
to do cryptsetup by hand after collecting enough entropy in a live
Linux context. Be wary of the lack of entropy in installers. See:
https://tails.boum.org/blueprint/randomness_seeding/ and

I have not seen any installer handle cryptsetup well. Yet. Anyone?

To backup a LUKS encrypted disk, it is important to copy material from
one encrypted container to another, and to avoid doing a block-level
copy (dd) as that copies the keyslots too, thus making defeat of a
keyslot on one copy transfer to all other copies. Best to use
different containers with different keys. See:

On the backup front:

For incremental backups, rsnapshot works fine. It wraps rsync with a
bit of shell that creates links to unchanged data. A good option for
"oops, I messed this up badly, let me revert." Deployment here assumes
that you have a dedicated backup system.

For bare-metal backup and restoration, bacula is quite nice, though it
assumes you exist on the side of enterprise, as it competes with
Amanda and the like. https://en.wikipedia.org/wiki/Bacula

There are so many backup choices, it can indeed make one's head spin.

Just a few thoughts.

Oh, and here is a presentation on btrfs and systemd on system
immutability at the systemd conference. Not exactly the same thing,
but an interesting demonstration of sync services in btrfs. See:
https://www.youtube.com/watch?v=U6HD_rQQbIM and

Oh, and finally, is Haskell really so obscure? There are whole
conferences devoted to it and other more modern languages. See:
https://wiki.haskell.org/Conferences and Guile is interesting,
especially with Guix: https://www.gnu.org/software/guix/ for the emacs
lovers among us, that is a very interesting distro direction.


have a nice day.yad

On 10/07/2016 07:55 PM, Anthony Carrico wrote:
> One of the first systems to support ssh, rsync, and deduplication
> (file level, using hard links) was backuppc. I've used it for years
> without a hitch. It is a little overly complicated (lots of
> options) because it also supports backing up PC's aka Windows Boxes
> a number of different ways. I've never tried that aspect of it,
> preferring to stick with ssh+rsync.
> I am interested to hear about anyone's experience with the btrfs
> syncing stuff.
> I also support the beer idea.

Reply via email to