Re: [Bacula-users] Adding encryption support to an existing bacula installation?
2015-08-14 09:02:15
Could you give more details about what versions of Bacula, Ubuntu and Windows are using??
If you build bacula from source, you will just need to rebuild including the --with-openssl option and then make the necessary configurations in your director and file daemon files. All your configurations files will be kept. This should cause no impact in your actual configuration.
Best regards, Ana
Hello.
I have a working installation of bacula that takes care of the backups in a small network. When I first started with bacula and learned how to set it up, I had a lot of trouble with including openssl, so I decided to build bacula without it.
Now we want to prepare for storing backups off-site, meaning encryption becomes highly important.
Here a short overview of the situation: Ubuntu Server with Director, SD, catalog on postgresql and FD 3 Windows machines with FD 1 Synology NAS as SD target (accessed via mount)
new: 1 Synology NAS off-site planned as additional SD target (maybe for a second SD, not sure yet.)
How can I add encryption support to my existing bacula installation? Is a rebuild needed? If yes, does it have an impact on the existing configurations?
I assume you want to use Bacula Data Encryption feature since you are planning to deploy a storage off-site?: http://www.bacula.org/5.2.x-manuals/en/main/main/Data_Encryption.html It's easier to configure but causes more client CPU overhead and you can't loose all your private keys in anyway. Another option is to encrypt only the communication, probably between client and storage: http://www.bacula.org/5.1.x-manuals/en/main/main/Bacula_TLS_Communications.html Create certificates for the machines, configure Bacula to use them, etc. It's been largely discussed in prior posts and there are several tutorials in the internet. Like Ana said yes, your Bacula binaries should be built with Encryption support. Centos and Debian Repositories ones usually does.
Regards =========================================================================== Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified Administrator II I do Bacula training and deploy in any city of the world. More information: http://bacula.us/ ===========================================================================
------------------------------------------------------------------------------
_______________________________________________ Bacula-users mailing list Bacula-users AT lists.sourceforge DOT net https://lists.sourceforge.net/lists/listinfo/bacula-users
------------------------------------------------------------------------------
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
|
|