Re: new feature: client-side, server-side encryption dumptype option
2005-12-11 14:23:28
Josef Wolf wrote:
On Sat, Dec 10, 2005 at 09:12:49AM -0800, Kevin Till wrote:
Great! Thanks for your afford to bring encryption into amanda's core.
I have not taken a close look on it yet. From the description, I have the
impression that this solution is based on symmetric encryption.
Yes, the reference encrypt script program provided is based on symmetric
encryption.
I'm working on the asymmetric (public/private) encryption solution. The
infrastructure will support asymmetric encryption just fine.
Since amanda adds header information to the dump image, mdc
(modification detection code) cannot be supported at this point. Other
than that, it's working:
$amdump
header information:
more 00001.boston.zmanda.com._usr_tmp_bacula_bacula.0
AMANDA: FILE 20051211 boston.zmanda.com /usr/tmp/bacula/bacula lev 0
comp N crypt enc program /bin/gtar client_encrypt
/usr/local/bin/bin/amgcrypt client_decrypt_option -d
To restore, position tape at start of file and run:
dd if=<tape> bs=32k skip=1 | /usr/local/bin/bin/amgcrypt -d |
/bin/gtar -f... -
^L
$amrestore-f 0 file:/backups/amanda/
amrestore: 1: restoring
boston.zmanda.com._usr_tmp_bacula_bacula.20051211.0
You need a passphrase to unlock the secret key for
user: "amanda <amanda AT zmanda DOT com>"
1024-bit RSA key, ID CF522ABC, created 2005-12-11
gpg: encrypted with 1024-bit RSA key, ID CF522ABC, created 2005-12-11
"amanda <amanda AT zmanda DOT com>"
gpg: ring trust w/o key
gpg: WARNING: message was not integrity protected
amrestore: 2: reached end of tape: date DATE
--
Thank you!
Kevin Till
Amanda documentation: http://wiki.zmanda.com
Amanda forums: http://forums.zmanda.com
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option,
Kevin Till <=
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Kevin Till
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
|
|
|