From owner-freebsd-stable@FreeBSD.ORG Wed Jan 16 16:16:38 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 93F4516A41A for ; Wed, 16 Jan 2008 16:16:38 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.157]) by mx1.freebsd.org (Postfix) with ESMTP id 1909213C44B for ; Wed, 16 Jan 2008 16:16:37 +0000 (UTC) (envelope-from tevans.uk@googlemail.com) Received: by fg-out-1718.google.com with SMTP id 16so360406fgg.35 for ; Wed, 16 Jan 2008 08:16:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:subject:from:to:cc:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer; bh=H1k1ouo9rTgz902Y8oQwciLql1RwB8a7k0Al5frX8rE=; b=maUOhEDLkR07eBfuMXQWCTJLyqlO7NLDdzBkNOvamwyK9IJ6VFE0mI2A63xXX5kxwzuLdAQdkBVSB67CZ27Rviw67H/NVEJRTQWpk5uhD7SXOaOEJJTYsj5dL2djIyjwfgV5mlJc1/H49G3jSpNu9TeEfMz+VoKd/HpOEqeXnKY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=subject:from:to:cc:in-reply-to:references:content-type:date:message-id:mime-version:x-mailer; b=Zc5IxsksNAZf9ucqiRD6lCsGM3R0xJCQDPezdBcsYMVCvesnfeIbLvQUjqlRIMYnv2pDyZ2vwg4fTB0LOkLL1D94a6L4+FqIFJpno+spULKTRmrrcb/hzaP0ljByC3gI7BvPkUZwKQP19NaQWxNiSjfImkiYBi8k6toDiYhhtL8= Received: by 10.82.159.15 with SMTP id h15mr1646190bue.36.1200498641543; Wed, 16 Jan 2008 07:50:41 -0800 (PST) Received: from ?127.0.0.1? ( [217.206.187.79]) by mx.google.com with ESMTPS id u14sm671470gvf.13.2008.01.16.07.50.39 (version=SSLv3 cipher=RC4-MD5); Wed, 16 Jan 2008 07:50:40 -0800 (PST) From: Tom Evans To: Johan =?ISO-8859-1?Q?Str=F6m?= In-Reply-To: <4FF9842D-ADC9-4A99-9DC4-E0FE1CC9CDCF@stromnet.se> References: <39FB5CF3-F2F4-401B-9D6D-7796608152E5@ish.com.au> <4FF9842D-ADC9-4A99-9DC4-E0FE1CC9CDCF@stromnet.se> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-Hkv/fAWZIIDjqYBjK8Wg" Date: Wed, 16 Jan 2008 15:50:38 +0000 Message-Id: <1200498638.2444.8.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.10.2 FreeBSD GNOME Team Port Cc: freebsd-stable@freebsd.org, emj@emj.se Subject: Re: Backup solution suggestions X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jan 2008 16:16:38 -0000 --=-Hkv/fAWZIIDjqYBjK8Wg Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Wed, 2008-01-16 at 00:26 +0100, Johan Str=C3=B6m wrote: > > Simple Example: >=20 > I create regular tarball (gziped maybee) with some files i want to =20 > backup, Then i encrypt this file with ie gpg. Then i send of this =20 > file using some unspecified network protocol to the storage server. > Encrypted all the way, from my end to the remote disk.. > The downside is that it is a static file.. not a "dynamic =20 > filesystem", nothing I can mount and have easy access to individual =20 > files from. *Thats* what I'm looking for. >=20 Have you looked into using mdconfig(8) to make a vnode (ie: file) backed md disk, and then encrypting with geli(8)?=20 This would be generated on your trusted local box, transferred encrypted to your backup box, where it can't be examined without your key, but with your key it could be mounted simply enough.=20 You wouldn't be able to take incremental snapshots easily - unless perhaps you generated a list of modified/added files and used those files as your incremental snapshot. This may/may not be viable, depending on the size of your data set. Tom --=-Hkv/fAWZIIDjqYBjK8Wg Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBHjifLlcRvFfyds/cRAvYrAJ41X4i0AyQ0oKzazXq/YUaszJJcKgCdGN50 17++KMY5J7XHwnK8PqJvGlY= =pxAG -----END PGP SIGNATURE----- --=-Hkv/fAWZIIDjqYBjK8Wg--