LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Howto fix the problem:

Howto fix the problem:

Posted Oct 15, 2009 11:06 UTC (Thu) by endecotp (guest, #36428)
In reply to: Howto fix the problem: by drag
Parent article: Ubuntu to store copies of all users' address books

> I am very uninterested in any sort of "cloud" backup
> scheme that does not integrate encryption on the client
> side.

Does anyone know how to get rsync-like functionality with the data at the other end stored encrypted?

I currently use rsync over ssh for some of my backups, so the data is encrypted on the wire but unencrypted on the remote disk. When I set this up I tried to find a way of storing the remote copy encrypted without losing rsync's efficient incremental transfers, but I didn't find anything satisfactory. Any ideas?

(Log in to post comments)

Check out Tarsnap

Posted Oct 15, 2009 12:26 UTC (Thu) by fghorow (subscriber, #5229) [Link]

From Colin Percival, the (Free?)BSD Security officer.

Just a happy user of the service.

(Be aware, it is a *for a fee* service, but the micropayments are truly micro!)

Howto fix the problem:

Posted Oct 15, 2009 13:09 UTC (Thu) by sourcejedi (guest, #45153) [Link]

Try encfs + rsync. Encfs will encrypt both file content and names. (It won't hide filesizes, directory topology, permissions, and the approximate _lengths_ of filenames).

http://ubuntuforums.org/showthread.php?t=148600

Howto fix the problem:

Posted Oct 15, 2009 16:01 UTC (Thu) by zooko (subscriber, #2589) [Link]

Tarsnap seems like a well-engineered system, from reading the author's blog, but as far as I know
the server-side code is proprietary. The Tahoe-LAFS project (I'm a contributor) has excellent
encryption and erasure-coding features and if you like duplicity you can use Tahoe-LAFS as a
backend for duplicity. Also Tahoe-LAFS comes with its own integrated backup system which has
different trade-offs than the duplicity backend. (Duplicity does deltas for you, but you can't view or
download your files without going through duplicity. The Tahoe-LAFS integrated backup doesn't do
deltas, but it stores the files in a time-machine-style layout which you can browse and download
through the web.)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds