Pushing hard-linked backups

[Eric S. Johansson]

Matt McCutchen wrote:
> bOn Mon, 2007-12-24 at 18:34 -0500, Eric S. Johansson wrote:
>> I'd love for the remote backup to be encrypted locally so one could
>> backup to a hostile host.
> 
> That limits your options.  

one would think.  For now, lets go with the plaintext push form of rsnapshot. 
as for encryption, I think it would be possible (assuming mods to rsync) to do 
rsync encrypted copies.  if you assume symmetrical encryption and that the key 
and plaintext is managed by one side, specified by  command line args, it 
becomes easier (not easy, only easier :-)

[[ related thought.  if rsync had a plugin architecture allowing per file 
transformation (pre and post transfer) one could build encryption in as an addon]]

the idea of the encryption extension is that when a file is ready for block by 
block checking, it is copied (replicating TOP (time, ownership and permissions)
and encrypted using the given symmetrical key.  this should yield an identical 
file if they are the same.  if you get the key wrong, tough noogies, you copy 
your entire dataset.

possible problems

I really don't know the internals of rsync and if this idea is possible.
it's been thought of and rejected.
I'm being blond on the crypto
it will be *slow*
may be a rathole.
rsync/snapshot to trusted host and backing up encfs image of backup directory 
may be a better solution

wins

lets you backup to hostile hosts
provides some measure of confidentially on rsync transfers in the clear


so matt, lets go for the rsnapshot push to a benign host for now.

--- eric