Re: Encrypted backups
Hello,
Here's something I like:
- make sure your kernel support encrypted loopback & your encryption of choice
- configure a crypto loop to your tape device
losetup -e twofish /dev/loop0 /dev/nst0
- backup or restore as usual, using /dev/loop0 as a tape device
- unconfigure the loop
losetup -d /dev/loop0
It's kernel-side, very simple, and sould be fast enough...
Bill
> Hi -
>
> I am investigating ways of producing encrypted backups. Currently I
> use afio and gpg (via tob) with something like:
>
> afio -b 10240 -c 1000 -U -Z -P gpg -Q --symmetric -Q \
> --passphrase-fd=3 -Q --no-verbose -Q --batch -Q --no-options \
> -3 3 -o /dev/nst0 < $FILELIST 3<$PASSPHRASE
>
> where $FILELIST is the list of files, and $PASSPHRASE is a path to a
> file containing the passphrase for the backup set.
>
> After a few tests, this method appears to be extremely slow (on a
> simple 4mb archive, non encrypted method takes less than .5 secs,
> encrypted takes about 7 secs) compared to non-encrypted backup sets
> (which I was expecting). Does anyone know of ways to speed the process
> up? Are there any other ways of getting an encrypted backup set that
> might be faster?
>
> Thanks
>
> Marcus
>
> --
> Marcus Williams -- http://www.quintic.co.uk
> Quintic Ltd, 39 Newnham Road, Cambridge, UK
> This message is private [ ] public [*]
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
>
--
Billy Nadeau - bill@sanac.net
Services internet Sanac / Sanac internet Services
Reply to: