Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] [Bacula-announce] Bacula project voting

2009-05-06 14:59:25
Subject: Re: [Bacula-users] [Bacula-announce] Bacula project voting
From: Kern Sibbald <kern AT sibbald DOT com>
To: Stefan Bertels <post AT stefan-bertels DOT de>
Date: Wed, 6 May 2009 20:54:31 +0200 
On Wednesday 06 May 2009 19:44:19 Stefan Bertels wrote:
> Hi,
>
> first: item 31 and 23 on the current todo list seem to be duplicates.

Yes, thanks. I noted it and corrected.

>
> (http://bacula.svn.sourceforge.net/viewvc/bacula/trunk/bacula/projects?view
>=markup)
>
> second: is there an option in bacula to have client-side encryption?

Yes, there  is both communications encryption and data encryption.

>
> If not: Maybe this is something for the feature list. This is related to
> Windows EFS files support (#31 and #23).

Support for Windows EFS is really a different beast ...

We need a Windows programmer to do that project, and for the moment, no one 
has shown an interest ...

Kern

>
> Suggestion:
> - allow the client to setup a password or key file for encrypting and
>    decrypting all data before it is send to the backup server
> - file contents should be encrypted (most important part)
> - maybe filename,path and other attributes should be encrypted too
> - it might be useful to exclude folders from this (e.g. folders where
>    programs are stored, c:\Windows) to save cpu and backup space
>    (different machines will have many of those files equally).
>    Or you might want to have different key for different folders.
>
> This has some real advantage over EFS (regarding Windows XP): You are
> not limited to setup a similar machine using your EFS keys when making
> disaster recovery. You could restore the files to any machine (including
> unix/linux) after adding password/key there. And: EFS is limited to
> Windows and performs not very well. You could use TrueCrypt to protect
> your laptop and "bacula client security" to protect the data when it is
> leaving your machine for backup (would perform ok for big data, too).
>
> You probably want to use a symmtric encryption system (AES) for this.
>
> This might seem something special but I think this might be very useful
> when using untrusted storage (e.g. online services). And you would have
> some security for backup of very critical (secret) data (network and
> storage security).
>
> Stefan



------------------------------------------------------------------------------
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image 
processing features enabled. http://p.sf.net/sfu/kodak-com
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] unbelievable question - what is a volume?, Arno Lehmann
Next by Date:  [Bacula-users] upgrade from 2.4.4 to 3.0.1, Thomas Bennett
Previous by Thread:  Re: [Bacula-users] [Bacula-devel] Bacula project voting, Kern Sibbald
Next by Thread:  [Bacula-users] Bacula project voting is now Open, Kern Sibbald
Indexes:  [Date] [Thread] [Top] [All Lists]