From owner-freebsd-stable@FreeBSD.ORG Thu Jan 17 00:34:32 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7871B16A46E for ; Thu, 17 Jan 2008 00:34:32 +0000 (UTC) (envelope-from johan@stromnet.se) Received: from core.stromnet.se (core.stromnet.se [83.218.84.131]) by mx1.freebsd.org (Postfix) with ESMTP id 32B6213C4D9 for ; Thu, 17 Jan 2008 00:34:32 +0000 (UTC) (envelope-from johan@stromnet.se) Received: from localhost (unknown [83.218.84.135]) by core.stromnet.se (Postfix) with ESMTP id 046CCD46404; Thu, 17 Jan 2008 01:34:32 +0100 (CET) X-Virus-Scanned: amavisd-new at stromnet.se Received: from core.stromnet.se ([83.218.84.131]) by localhost (core.stromnet.se [83.218.84.135]) (amavisd-new, port 10024) with ESMTP id 0Rscny4s8I86; Thu, 17 Jan 2008 01:34:29 +0100 (CET) Received: from [172.28.1.102] (90-224-172-102-no129.tbcn.telia.com [90.224.172.102]) by core.stromnet.se (Postfix) with ESMTP id 98E51D46403; Thu, 17 Jan 2008 01:34:29 +0100 (CET) In-Reply-To: <478E46D0.2080804@raad.tartu.ee> References: <39FB5CF3-F2F4-401B-9D6D-7796608152E5@ish.com.au> <4FF9842D-ADC9-4A99-9DC4-E0FE1CC9CDCF@stromnet.se> <478E46D0.2080804@raad.tartu.ee> Mime-Version: 1.0 (Apple Message framework v753) Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed Message-Id: <2F76BC78-6FE7-49B3-867C-9DD37230F427@stromnet.se> Content-Transfer-Encoding: quoted-printable From: =?ISO-8859-1?Q?Johan_Str=F6m?= Date: Thu, 17 Jan 2008 01:34:06 +0100 To: Toomas Aas X-Mailer: Apple Mail (2.753) Cc: emj@emj.se, freebsd-stable@freebsd.org Subject: Re: Backup solution suggestions X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jan 2008 00:34:32 -0000 On Jan 16, 2008, at 19:02 , Toomas Aas wrote: > Johan Str=F6m wrote: > >> My main problem with existing solutions is this "gap" of =20 >> encryption on the backup server side. I dont want it to be =20 >> readable outside of my box (without encryption keys ofcourse), so =20 >> as soon as I send it of from my box I want it to be encrypted over =20= >> the link, and down on the disk. Not decrypted on the remote box, =20 >> to then be encrypted again (with keys available on that box) and =20 >> then stored to disk. That would allow any users of that box (yes =20 >> sure you can have file permissions but lets assume someone else =20 >> have root access there) to read my files. >> Simple Example: >> I create regular tarball (gziped maybee) with some files i want to =20= >> backup, Then i encrypt this file with ie gpg. Then i send of this =20 >> file using some unspecified network protocol to the storage server. >> Encrypted all the way, from my end to the remote disk.. >> The downside is that it is a static file.. not a "dynamic =20 >> filesystem", nothing I can mount and have easy access to =20 >> individual files from. *Thats* what I'm looking for. > > As a long-time user of Amanda and regular lurker on their mailing =20 > list, I've noticed that latest versions of Amanda have encryption =20 > capabilities. They seem to fit your needs in that encryption can be =20= > performed entirely on the backup client ("your box") side if one =20 > opts to set things up that way. > > I haven't used encryption with Amanda myself so this is just what =20 > I've heard on the list and read from the wiki just now: > > http://wiki.zmanda.com/index.php/How_To:Set_up_data_encryption > > As for the ease of restore, it's not quite *that* easy, i.e. you =20 > can't just transparently mount the backup as a filesystem and copy =20 > files from there. Amanda has a command-line-ftp-like recovery =20 > interface, where you can specify which files/subdirectories and =20 > from which date you want recovered. It's been easy enough for me. > > Looked through that page, seems like pretty much work right now. And =20 I looked through the amanda docs, and I got to say, when calling =20 themselfs "Amanda is the world's most popular Open Source Backup and =20 Archiving software." one would expect somewhat better docs.. hehe. Anyway, I will look more into the ggated suggestion from another post =20= before digging deeper into amanda :) -- Johan=