Re: new feature: client-side, server-side encryption dumptype option
2005-12-12 17:09:55
Jon LaBadie wrote:
On Sun, Dec 11, 2005 at 11:07:09AM -0800, Kevin Till wrote:
Yes, the reference encrypt script program provided is based on symmetric
encryption.
I'm working on the asymmetric (public/private) encryption solution. The
infrastructure will support asymmetric encryption just fine.
Since amanda adds header information to the dump image, mdc
(modification detection code) cannot be supported at this point. Other
than that, it's working:
As amanda does not modify the actual dump image,
could "mdc" be applied to just the dump image itself
ignoring the 32K header?
Hi Jon,
I have to think about it but it could be that the binary file was
manipulated somehow during dump and restore.
BTW, I just find a solution to the problem. It's to create ASCII
encrypted output when encrypting. So the dump file is encrypted in
ASCII. It passed the mdc tests during amrestore, the only side-effect is
the dump file size is increased by 35% (vs the normal, binary encryption).
So user have the choices here. If message authentication is needed,
encrypt it in ASCII. Otherwise, --disable-mdc to save some disk space.
--
Thank you!
Kevin Till
Amanda documentation: http://wiki.zmanda.com
Amanda forums: http://forums.zmanda.com
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Kevin Till
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Kevin Till
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
- Re: new feature: client-side, server-side encryption dumptype option, Jon LaBadie
- Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
|
|
|