crypting remote data

Matt McCutchen matt at mattmccutchen.net
Sat Mar 8 18:12:18 GMT 2008


On Sat, 2008-03-08 at 18:33 +0100, david reinares wrote:
> rsyncrypto looks fine, but still not which we're looking for.
> 
> Having a complete file updated if a little change happens doesn't
> bother me. We're performing daily rsync, so not many files can be
> changed in a day.
> 
> The real problem is about space and performance. If you want good
> performance yo have to sacrifice space, and vice versa.
> 
> We decided to save space for client. so we copy file by file, crypt
> it, rsync it, and then delete...a hell for performance, starting a
> rsync connection for each file.
> And worst of all, we loose -b functionality, that was really good
> (having not just a copy of the day before but an extra day)...having a
> previous version of destination data 
> in a file by file basis is not a god idea.

I don't understand what problem you are having with -b; could you please
clarify?  Suffixed backups should work exactly the same way when
rsyncing one file at a time as they did when you rsynced all the files
at once.  The same is true of backups with --backup-dir, provided that
you use --relative so you can specify the same destination argument for
every run.

> Any idea to get the -b funcionality back again and obtain a compromise
> between space and performance?

To fix the performance while keeping the space usage low, look into the
"source-filter_dest-filter" branch of rsync:

http://rsync.samba.org/ftp/rsync/dev/patches/source-filter_dest-filter.diff

You could run rsync once for all the files and specify your encryption
program as the --source-filter, and rsync would call your encryption
program once per file as needed.

Matt



More information about the rsync mailing list