cbiedl at gmx.de
Sun Apr 16 18:16:32 GMT 2006
Julian Pace Ross wrote...
> The idea is that data stored on the remote server would be unreadable to the
> people on that side, but can be decrypted when rsyncing back to the local
> server in case of data loss.
In that case encyption will have to take place before transmission
anyway. Else you do rely on an uncorrpted rsync on the remote side.
My solution for that problem is outside of rsync. I am using an
encrypted filesystem where encryption takes place on the local side and
the actual storage is accessed via the network. rsync itself is a local
(file only) operation then.
The "network block device" in Linux would be a nice thing for that but
it lacks a lot of features to make it usable (according bug reports are
on my todo list).
So currently my solution is really ugly: The remote side exports (via
nfs) a directory with a single huge file. The directory is mounted, then
that image using loopback and encryption. This works but results in poor
performance as caching is virtually disabled.
More information about the rsync