[Dirvish] Offsite Disks
Andrew Crawford
Andrew at Evermore.com
Fri Aug 24 20:36:50 UTC 2007
Jack Coats wrote:
> I understand. But I was hoping that you could have the entire device
> encrypted, not just the files on the file system. This way (with my weak
> understanding of how it REALLY works) it would seem that rsync would just
> see it as files on another file system and could rsync from one disk
> (un-encrypted) to the USB (encrypted) disk easily.
>
> I guess we need to snag a external USB drive and try it out!
>
> http://ubuntu-tutorials.com/2007/08/17/7-steps-to-an-encrypted-partition-local-or-removable-disk/
> seems to have some encite on making an encrypted partition. Again, I have
> not tested. ... Just a thougth! (yes this is an Ubuntu oriented link, but
> that is what we are running at work)
You could also use something like TrueCrypt ( http://www.truecrypt.org/
). Truecrypt can encrypt an entire volume/partition or, it can create a
virtual volume in a file.
It should be possible to create a pre-backup shell script that connects
to the remote machine with ssh and mounts the TrueCrypt volume. A
post-backup script could then unmount the remote volume.
It would not be bullet-proof but, the data would be encrypted when the
backup was not running.
Another possibility would be to remotely mount a volume hosting a
TrueCrypt file (using FTPS, WebDAV, or whatever), then mount the
TrueCrypt volume locally. That way, the data would never be unencrypted
on the remote server.
I don't know if that would work with the hard linking or, if there would
be other complications. I haven't tried it over a WAN connection (yet).
That is definitely possible over a fast LAN connection.
If you are just looking to do this with a USB-connected drive, it would
almost certainly work.
Andrew Crawford
More information about the Dirvish
mailing list