BackupPC-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [BackupPC-users] destination directory and encrytion

2015-09-02 19:17:17
Subject: Re: [BackupPC-users] destination directory and encrytion
From: Tim Fletcher <tim AT night-shade.org DOT uk>
To: backuppc-users AT lists.sourceforge DOT net
Date: Wed, 2 Sep 2015 23:47:53 +0100 
On 02/09/15 14:35, Jan Novak wrote:
> Hi there,
> 
> two questions:
> Is it possible to switch the destination directory of the backup for 
> each host
> and how can be a backup encoded (because of unsecure cloud server or 
> similar)?

I've read over the thread and BackupPC is in this case not the right answer.

The issues that you are trying to solve, ie separation of clients via
different encryption keys and not trusting the server are fundamentally
opposed to BackupPC's design.

There are backup systems that make use of client side encryption, that
prevent the server ever seeing the plain text file contents. The one of
these that I know best is duplicity there is also one called tarsnap
that I know less well.

BackupPC is designed as a trusted server side pull backup system, ie the
server sees the plain text of files. BackupPC makes use of file level
dedup, ie the same file from multiple clients have the same content on
the server. This is exactly what properly implemented encryption is
designed to avoid.

Encrypted file systems on cloud servers are hard to get correct, the
master key for the file systems such as truecrypt or LUKS are always in
the machine's memory. Unless you have physical hardware the hypervisor
can always read the memory of a machine thus extract the master key
without alerting the owner of the VM. Even with physical servers given
access to the server and a willingness to reboot the system keys can be
recovered.

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [BackupPC-users] BackupPC_fixLinks.pl - Where to download?, Matthias Meyer
Next by Date:  Re: [BackupPC-users] destination directory and encryption, Adam Goryachev
Previous by Thread:  Re: [BackupPC-users] destination directory and encrytion, Jan Novak
Next by Thread:  [BackupPC-users] BackupPC_fixLinks.pl - Where to download?, Matthias Meyer
Indexes:  [Date] [Thread] [Top] [All Lists]