Amanda-Users

Re: Encryption

2004-02-06 19:01:02
Subject: Re: Encryption
From: Eric Siegerman <erics AT telepres DOT com>
To: amanda-users AT amanda DOT org
Date: Fri, 6 Feb 2004 18:54:06 -0500
[CCing the author of the web page in question, in case she's
no longer subscribed]

On Tue, Jan 27, 2004 at 09:19:26AM +0100, Paul Bijnens wrote:
> Long ago, I bookmarked this page:
> 
> http://security.uchicago.edu/tools/gpg-amanda/
> 
> but I never tried it myself...

Long ago, it seems I had a small amount of input into it.  Funny
how that happens :-)  But I've never tried it either.

Looking at it now, I see that the basic approach is to have the
Amanda client do compression, with the "compression" program
(GZIP= environment variable to "configure") being a script that,
during backups, does essentially "gpg -e | gzip", and during
restores does the inverse.

The gzip step in this pipeline is a pointless waste of CPU time,
and may make the backup *larger*; by design, encrypted data is
supposed to resemble random data, and so it compresses very
poorly.  (If yours compresses well, I'd be *very* worried about
how secure your encryption is!)

Try removing the gzip step entirely, and reducing it to just the
gpg command.  (gpg compresses the data internally, for the sake
of better encryption, so putting a gzip step *before* gpg is
equally pointless.)

--

|  | /\
|-_|/  >   Eric Siegerman, Toronto, Ont.        erics AT telepres DOT com
|  |  /
It must be said that they would have sounded better if the singer
wouldn't throw his fellow band members to the ground and toss the
drum kit around during songs.
        - Patrick Lenneau
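
An added example, not part of the original message or of the gpg-amanda script, measuring the size claim made in the post above. It assumes a stand-in stream cipher (XOR with a SHA-256 counter keystream) in place of gpg and zlib in place of gzip; the sample input and key are constructed, and the compress-before-encrypt figure models the internal compression the post attributes to gpg.

```python
import hashlib
import zlib


def keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (NOT gpg): XOR data with a SHA-256 counter keystream.

    Used only because its output is statistically random-looking, which is
    the property the post relies on. Applying it twice decrypts.
    """
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def pipeline_sizes(plaintext: bytes, key: bytes) -> dict:
    """Return output sizes in bytes for each ordering of the two steps."""
    encrypted = keystream_encrypt(key, plaintext)
    compressed = zlib.compress(plaintext, 9)
    return {
        "plaintext": len(plaintext),
        # Encryption alone: same size as the input for a stream cipher.
        "encrypt_only": len(encrypted),
        # "gpg -e | gzip" ordering: compressor sees random-looking bytes.
        "encrypt_then_compress": len(zlib.compress(encrypted, 9)),
        # Compress first, then encrypt: the redundancy is still visible.
        "compress_then_encrypt": len(keystream_encrypt(key, compressed)),
    }


# Constructed sample input: repetitive, log-like text typical of a backup.
SAMPLE = b"".join(
    b"Feb  6 18:54:%02d host sshd[%d]: session opened for user backup\n"
    % (i % 60, 1000 + i)
    for i in range(2000)
)
KEY = b"constructed-demo-key"  # constructed value, not a real secret

if __name__ == "__main__":
    for name, size in pipeline_sizes(SAMPLE, KEY).items():
        print(f"{name:24s} {size:8d} bytes")
```

If a compressor run over a backup stream that is supposed to be encrypted shrinks it substantially, treat that as a sign the stream is not actually encrypted.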
