Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: new feature: client-side, server-side encryption dumptype option

2005-12-10 14:47:59
Subject: Re: new feature: client-side, server-side encryption dumptype option
From: Gene Heskett <gene.heskett AT verizon DOT net>
To: amanda-users AT amanda DOT org
Date: Sat, 10 Dec 2005 14:33:24 -0500 
On Saturday 10 December 2005 12:12, Kevin Till wrote:
>Hi,
>I have added a dumptype option, "encrypt".
>Code has been committed to the sourceforge,
>rpm will be available next week on www.zmanda.com.
>I have updated the encryption section on :
>http://wiki.zmanda.com/index.php/Backup_server#Server-side_and_Client
>-side_encryption
>
>At the same time, I have also incorporated Matthieu Lochegnies's
> custom compress patch. Now that you can specify your own compression
> program. Information is added to
>http://wiki.zmanda.com/index.php/Backup_server#Custom_Compression
>
<curmudgeonly grumpy sound>  This is not, in my opinion, a good patch 
to turn loose in the hands of a joe sixpack or an expert.  And I'm 
afraid I might make some enemies here too, darn it.

The patch itself may be great, Kevin, BUT Bzip2 isn't anywhere near as 
dependable as gzip.  If it somehow misses a byte in the recovery, the 
rest of the file is toast, or, and I've had this happen often enough 
to know its not _just_ a coincidence, like in unpacking a kernel.org 
kernel dl'd in .bz2 format, one or more whole subdirs of the kernel 
tree will go missing!  Without reporting an error of any kind.  Blow 
the tree away and unpack it again, and it will be there.  Its done 
that to me 5 or 6 times now, and I finally gave up and won't dl a .bz2 
if the .gz is available

No, I don't trust bzip2, and if the option is there, someone will use 
it, and then cuss and publicly blame amanda when the recovery blows 
up.  And it will at some point, guaranteed.

No reflection on Kevin is intended as he can probably outcode me any 
day of the decade, but to use bzip2 in a backup, its got to work 
scenario?  No, nyet, zip...  I'd have to be committed & certified.

>AMANDA.CONF(5) man page is also updated with the information.
>
>I have tested it on different configuration, performing amdump,
>amrestore and amrecover:
>a) client-compress, server-encrypt
>b) client-compress, client-encrypt
>c) server-compress, server-encrypt
>
>Please use it and send us your feedback to
>http://forums.zmanda.com/showthread.php?t=8
>Thanks!

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should use this
address: <gene.heskett AT verizononline DOT net> which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  new feature: client-side, server-side encryption dumptype option, Kevin Till
Next by Date:  Re: new feature: client-side, server-side encryption dumptype option, Ian Turner
Previous by Thread:  new feature: client-side, server-side encryption dumptype option, Kevin Till
Next by Thread:  Re: new feature: client-side, server-side encryption dumptype option, Ian Turner
Indexes:  [Date] [Thread] [Top] [All Lists]