On Aug 11, 2006, at 13:24, Mike wrote:
I have a possible situation at work where one user (I'll not go into the details) needs to have all files from that workstation encrypted before they get on the network and on tape. Has there been a discussion, plan, or option I've overlooked such that the bacula-fd.conf can contain a passphrase for each file and when the files are read for sending to the director and sd the files are encrypted and when files are sent from the sd they are decrypted. What I'm thinking is the fd is the gateway to everything else in bacula and that when a file goes out through the fd the file is encrypted and when the file comes in through fd to the workstation fd decrypts the file. The user on the workstation always sees unencrypted files, regular data as if nothing is different. Anybody sniffing on the network or finding a random tape is able to see the files, but since the files are encrypted the files and tape and anything on the network is useless. If not discussed previously I'd like to see a parameter for what encryption program to use (pgp, gpg, enigma, etc) and a parameter for either a pass phrase, chat script, or something similiar to be given. Maybe the program needs two parameters, one for encryption and one for decryption.
This functionality is available in the 1.39 betas; I have some documentation on my web site: http://landonf.bikemonkey.org/code/bacula/ Configuring_Bacula_Encryption.20060305184424.26351.sandbox.html
The encryption is implemented in Bacula, using OpenSSL. Instead of simple symmetric encryption, asymmetric encryption is used to encrypt the session keys. This allows you to maintain a master keypair for said user's encrypted data, and retain the ability to restore their data should their encryption keypair be lost.
There is still one major gotcha, namely, it's possible for the director to restore new keys or a bacula configuration file to the client, and thus force later backups to be made with a compromised key and/or with no encryption at all. There has been some discussion on the list regarding solutions to this problem, including limiting where the director can send a restoration job on the file daemon.
-landonf
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
