crypting remote data
Jason Haar
Jason.Haar at trimble.co.nz
Sun Mar 9 04:37:05 GMT 2008
david reinares wrote:
> rsyncrypto looks fine, but still not which we're looking for.
>
> Having a complete file updated if a little change happens doesn't
> bother me. We're performing daily rsync, so not many files can be
> changed in a day.
Then what about encfs? Put your data onto a encfs mountpoint, and then
rsync the encrypted version instead.
That's what we do for sensitive backups. It allows you to "outsource" an
operational role like backups to one group - without giving them
administrative access to the data (which happens with standard backups).
We NFS mount a share that is backed up, "encfs" over that mountpoint,
and then backup onto the encfs. The end NFS share ends up with fully
encrypted filenames and data. It's no good to anyone without the key...
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the rsync
mailing list