plain source -> encrypted destination: rsync + gpg

addady at addady at
Thu Jun 26 19:38:19 EST 2003


It seems that the --dest-filter patch of Kyle Jones can help you.

Here is a link


----- Original Message -----
From: "Martin Langhoff" <ml at>
To: <rsync at>
Sent: Thursday, June 26, 2003 8:38 AM
Subject: plain source -> encrypted destination: rsync + gpg

> We want to keep a backup or a mirror of your files in a server we don't
> fully trust. You can have an encrypted FS on a file, and copy the
> complete FS to the untrusted server, but it is inefficient, and you get
> no granularity at all.
> In our case, the remote server runs amanda, and we want to use amanda's
> power to restore files selectively -- yet don't give away our privacy.
> (We are, in fact, the administrators, not the end users, and we are
> trying to offer good quality backups with good privacy).
> Rsync seems to come quite close -- so close that I am tempted to write a
> shell script. The implementation I am thinking of is quite inelegant:
> keep a "shadow" copy of the source files (encrypted using pgp),   rsync
> the shadow directory and the destination.
> Are there ways to hook into rsync and preprocess the file before it is
> checksummed and sent  over? Are there other alternatives? (hopefully
> more elegant than maintaining a shadow copy of all the files!).
> There's an "GPG and Rsync" thread describing almost exactly what we want
> And also rsync-backup seems to be almost there -- but things seem to be
> happening at the server end.
> cheers,
> martin
> --
> To unsubscribe or change options:
> Before posting, read:

More information about the rsync mailing list