Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Adding encryption support to an existing bacula installation?

2015-08-14 09:02:15
Subject: Re: [Bacula-users] Adding encryption support to an existing bacula installation?
From: Heitor Faria <heitor AT bacula.com DOT br>
To: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Fri, 14 Aug 2015 10:00:41 -0300 (BRT)
Hello Florian,

Could you give more details about what versions of Bacula, Ubuntu and Windows are using??

If you build bacula from source, you will just need to rebuild including the --with-openssl option and then make the necessary configurations in your director and file daemon files. All your configurations files will be kept. This should cause no impact in your actual configuration.

Best regards,
Ana
Em sex, 14 de ago de 2015 às 05:47, Florian Splett <florian.splett AT web DOT de> escreveu:
Hello.

I have a working installation of bacula that takes care of the backups
in a small network.
When I first started with bacula and learned how to set it up, I had a
lot of trouble with including openssl, so I decided to build bacula
without it.

Now we want to prepare for storing backups off-site, meaning encryption
becomes highly important.

Here a short overview of the situation:
Ubuntu Server with Director, SD, catalog on postgresql and FD
3 Windows machines with FD
1 Synology NAS as SD target (accessed via mount)

new: 1 Synology NAS off-site planned as additional SD target (maybe for
a second SD, not sure yet.)

How can I add encryption support to my existing bacula installation?
Is a rebuild needed? If yes, does it have an impact on the existing
configurations?
I assume you want to use Bacula Data Encryption feature since you are planning to deploy a storage off-site?: http://www.bacula.org/5.2.x-manuals/en/main/main/Data_Encryption.html
It's easier to configure but causes more client CPU overhead and you can't loose all your private keys in anyway.
Another option is to encrypt only the communication, probably between client and storage: http://www.bacula.org/5.1.x-manuals/en/main/main/Bacula_TLS_Communications.html
Create certificates for the machines, configure Bacula to use them, etc. It's been largely discussed in prior posts and there are several tutorials in the internet.
Like Ana said yes, your Bacula binaries should be built with Encryption support. Centos and Debian Repositories ones usually does.

Regards
===========================================================================
Heitor Medrado de Faria - LPIC-III | ITIL-F |  Bacula Systems Certified Administrator II
I do Bacula training and deploy in any city of the world. More information: http://bacula.us/
===========================================================================



Regards,

Florian S.

------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users

------------------------------------------------------------------------------

_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users

------------------------------------------------------------------------------

_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Bacula version 7.2.0 released, Wanderlei Huttel
Next by Date:  Re: [Bacula-users] Bacula version 7.2.0 released, Kern Sibbald
Previous by Thread:  Re: [Bacula-users] Adding encryption support to an existing bacula installation?, Ana Emília M. Arruda
Next by Thread:  [Bacula-users] Bacula version 7.2.0 released, Kern Sibbald
Indexes:  [Date] [Thread] [Top] [All Lists]