Re: Simple backup tape encryption
2005-06-27 04:54:47
Bruce Fletcher wrote:
I would like to propose an idea for the Amanda wishlist. Assuming there
aren't enough items on that list already...
<sigh> ;)
What I am imagining is putting a simple symmetric encryption key for
perhaps AES encryption in the Amanda config file, and then perhaps
enabling encryption in dumptype records. Assuming encryption is the
last thing that happens before a DLE goes to tape and the first thing
that happens on the way back, most of the Amanda chain would not need to
know about the presence of any encryption. And for disaster recovery,
you would presumably want to have a printout of your Amanda config
offsite, so your password would be recoverable.
As a start, is this idea conceptually sound? Maybe it could be
implemented already with wrapper scripts?
Good idea, this would add value to AMANDA.
I am currently playing around with a wrapper-setup using aespipe
(http://loop-aes.sourceforge.net/).
Should be relatively easy to implement in a wrapper, yes.
Maybe someone else wants to dig into this as well?
Stefan.
--
Stefan G. Weichinger
AMANDA core team member
mailto://sgw AT amanda DOT org
--
oops! linux consulting & implementation
http://www.oops.co.at
--
|
|
|