[Networker] encryption of bootstrap
2007-12-18 19:20:46
A student in class today raised a question about AES encryption that I
can't answer. When a directive is configured to perform aes encryption
during backup of a NW client, is the bootstrap save set also encrypted?
I would think not, since the bootstrap is being backed up from the NW
server and not the NW client; t seems like it would also tend to confuse
mmrecov if the bootstrap ever was encrypted. If this is the case, it
seems that if the volume containing the client's encrypted save sets
falls into "evil hands", the unencrypted bootstrap save set could be
recovered (assuming it is on the same volume) and the datazone pass
phrase used to perform the encryption could be determined from the
recovered resources. Thus, the purpose of doing the encryption is
thwarted; someone can determine the pass phrase used to perform the
encryption and therefore recover any of the data on the volume.
Am I misunderstanding something here?
Thanks,
Rick
To sign off this list, send email to listserv AT listserv.temple DOT edu and type
"signoff networker" in the body of the email. Please write to networker-request
AT listserv.temple DOT edu if you have any problems with this list. You can access the
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Networker] encryption of bootstrap,
Rick Brode <=
|
|
|