From owner-freebsd-security  Mon Nov 26 12:20:42 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-64-165-226-105.dsl.lsan03.pacbell.net [64.165.226.105])
	by hub.freebsd.org (Postfix) with ESMTP id 1A84937B416
	for <freebsd-security@freebsd.org>; Mon, 26 Nov 2001 12:20:40 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id A95F166B27; Mon, 26 Nov 2001 12:20:39 -0800 (PST)
Date: Mon, 26 Nov 2001 12:20:39 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: Randy Bush <randy@psg.com>
Cc: freebsd-security@freebsd.org
Subject: Re: crypted remote backup
Message-ID: <20011126122039.C13902@xor.obsecurity.org>
References: <E168Qts-000Bj5-00@rip.psg.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="3siQDZowHQqNOShm"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <E168Qts-000Bj5-00@rip.psg.com>; from randy@psg.com on Mon, Nov 26, 2001 at 10:54:40AM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


--3siQDZowHQqNOShm
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Mon, Nov 26, 2001 at 10:54:40AM -0800, Randy Bush wrote:
> i want to back up some large files over the net, like 40gb.  i want to do
> something like rsync.  but i want the data crypted not only as it passes
> over the net (rsync over ssh), but also as it resides on the remote disk.
> any recommended practice on this?

Break it into chunks on the local system (e.g. tar -L), encrypt them
with openssl(1) and then send that to the remote system over an
authenticated link (e.g. ssh)

Kris

--3siQDZowHQqNOShm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8AqQWWry0BWjoQKURAo4tAJ0ZdncggWuVqVgDAJ9QLgUeRAWkZgCg2hyU
KE2EiGWWkz0wxoVI0PJ6h5U=
=jn+s
-----END PGP SIGNATURE-----

--3siQDZowHQqNOShm--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message