<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<font face="Liberation Sans">I think Dirk was asking about securing
the *DATA* on the remote server - not the *TRANSPORT*<br>
<br>
I'd recommend encfs. It has a "--reverse" option which allows you
to mount a data tree and the new mount shows up with encrypted
filenames and content. rsync that to the remote server, and even
the local sysAdmins won't have access to the data<br>
<br>
i.e.<br>
<br>
encfs --reverse /home/ /tmp/crypt-view<br>
rsync -azv </font><font face="Liberation Sans">/tmp/crypt-view
remote-server:.......<br>
<br>
After a data loss, you could rsync that encrypted content back,
then encfs-mount it and access the unencrypted data<br>
<br>
We use it as a mechanism of role separation: it allows our
security group to use the server group infrastructure for
backups/storage, without giving them access to the data...<br>
<br>
<br>
Jason<br>
</font><br>
<pre class="moz-signature" cols="72">--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
</pre>
</body>
</html>