Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: new feature: client-side, server-side encryption dumptype option

2005-12-26 18:54:37
Subject: Re: new feature: client-side, server-side encryption dumptype option
From: Chris Lee <cslee-list AT cybericom.co DOT uk>
To: amanda-users AT amanda DOT org
Date: Mon, 26 Dec 2005 23:33:49 +0000 
Jon LaBadie wrote:

Josef,

If I've not followed this thread accurately accept my apologies.

My own personal summary is Greg suggested five combinations
of encryption were easily conceivable and when amanda adds
encryption each of the various combos should be accomodated.

Your view seems to me to be the combo's tagged B, C, and D
offer no benefits over E and thus the amanda user should
be given only the choice of A (no encryption) or E.

I won't comment on the benefits of any combo, just say that
flexibility has been a hallmark of unix from its beginning.
Merely because I or you see no advantage to something does
not mean that no one else will.  Or that someone requirements
might force them to one combo or another.

It seems to me that allowing the flexibility is a win-win
situation.  Aside from your opinion that combos B,C, and D
are redundant or inferior to E, what are your objections
to allowing the amanda user to make their own flexible choice.


My two cents on this topic would be a variation on how the client works;

I am not a crypto genius, or very good with the internals of Amanda.
But I think a process where the following deffinition could be used would improve the possibilities for security: 


>>     define dumptype foo {
Collect-server #forses client to make reverse connection to collect dumptype info from server Type = HTTP # protocol to use to collect dump type:HTTP, other optopns are HTTPS or others.
#Options for handing to client when collecting dump type can be one or more of following as logic suggests: 

                Option Key-Autogen #pass an auto generated key to client
                Option Key-Location(/path/to/key) #pass key at path to client
Option Key-Manager(/path/to/key/manager) #run manager with client name and dle info and pass resulting key to client, could link to remote key store. 
                Option Key(a-key-in brackets)
Option Store-In-Archive #tells client to store key in backup archive as preamble. Option Protocol(HTTPS) #tells client to use HTTPS to dump archive to server other protocols are possible including normal amanda system. Option Crypto(crypto-app) #The app to use for encrypting the data and hence the algorithm, probably needs wrappers to make encryption uniform. Option (Pre-encrypt) #pass through encryption before crypto, if not set after crypto if encryption is set. 
>>
>>     }
This way a secure connection can be made to collect any security sensitive information, and the client need not store anything exept while running the backup. 

Chris.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Permission denyed to just some filesystems, Jon LaBadie
Next by Date:  vtapes and runtapes > 1, Geert Uytterhoeven
Previous by Thread:  Re: new feature: client-side, server-side encryption dumptype option, Josef Wolf
Next by Thread:  Re: new feature: client-side, server-side encryption dumptype option, Greg Troxel
Indexes:  [Date] [Thread] [Top] [All Lists]