On Fri, 1 Dec 2006, Vim Visual wrote:
> > > Hola, trozo de madera...
> >
> > Zdravstvuj, Vimchik.
>
> kak dela, mamont/shchepki?
Neplokho. Woodchuck = surok, po-russki. Somewhat smaller than a
mamont. Cuter, too. My girlfriend:
http://www.bedford.net/users/djv/chuck1.jpeg
> > used for the encrypted fs only needs to be bigger. Later on this.
>
> lookiong forward
We're running a bit off-topic.
I'm beginning to forget the original problem.
Can I assume it's this? Do I understand properly?
Problem:
1) A laptop, on one of its internal hard-drives has a
large collection of data in some directory and subdirectories,
say /home/vim/data/... These data is plaintext, i.e. unencrypted.
2) As time passes, these data are changed, sometimes these
changes are few, sometimes major.
3) Periodically, it is desired to backup these data to a
USB drive, and that these data be encrypted.
Restraints/Features:
4) Execution time of backups is important, and should, if
possible, be at the "impatient user" level, i.e. measured in minutes,
not hours.
5) Encryption should be secure enough to withstand routine
opponents (nosey office rivals, cow-orkers, casual thieves), but
need not withstand governments or torture. (The existence of the
encrypted data is not itself a secret, i.e. it need not be hidden
in pr0n fragments on "unused" areas of a disk, etc etc.)
6) Encryption should be painless. 7) The laptop is moderately
secure digitally and physically. The USB drive is not secure.
8) The encryption and backup scheme should be portable in
some moderate fashion.
Things I need to know:
9) How much data *changes* on a typical interval between
backups. There is 6GB of data, assumed. Supposing that the
backup was done in an efficient manner, only backing up changed
files, how much data would have to be moved? (I'm thinking of
a solution using dump or maybe rdist. If feasible, this would
really cut backup time.)
10) Is the USB drive plugged in and available all the
time, most of the time, only for designated backup sessions?
I further assume that you do not want to work from the USB drive,
it is strictly for backup of encrypted data. One partition of it,
I mean. The data that you crunch and produce is on the laptop's
permanent drive. Right?
Restraint (8) will be hard. I don't like it.
Your solution with mcrypt is probably what you'll use, but working
out a svnd method will be instructive.
> thanks for the input... I'm going for the blowfish one; it's half the
> time than for rijndael
This will be an improvement.
> > This means that most of the time is being spent doing disk operations.
> > I am running all this as root.
>
> yes, I know this I/O...
>
> why as root?
Why not? I enjoy the frisson of danger. Keeps me alert. Old habit.
mcrypt said it might run differently as root (not swapping), so I
figured I'd do it as root to be consistent.
> hey, woodchuck, you've already been of big help! that's fine, don't
> worry more about this!
But this is how I learn. It is also how I keep others from learning.
This kept me employed for ten years once, progressively building
reputation until I could hide all day in an impregnable office.
Knowledge takes work. People shun work. Hence knowledge can be
concentrated, packaged, massaged and later sold dear. In a town
with a good bakery, there will only be one baker; although flour
and yeast will be sold everywhere cheaply, yet bread will be dear
and everyone will patronize the bakery. The baker will spread
stories about the difficulty and expense of baking, the unpleasant
kneading of dough, the terrifying hazards of hot ovens, the
self-sacrifice required to arise early in the day.
> > > I am really ruling out vnconfig... too many caveats
> >
> > I have some cute ideas for vnd.
>
> look forward
They include such stunts as writing to a raw partition, without
benefit of filesystems. i.e. something like dd if=tarfile.gz
of=/dev/rsd2e with appropriate blocksize. This is as fast as it
gets. I believe dump(1) can do this, too. Maybe in the interests
of newbieism we should forget about that exercise, as it will amaze
and mystify.
....
> who's doctor Doom, btw?
http://en.wikipedia.org/wiki/Doctor_Doom
Also see this for the rodent tie-in:
http://upload.wikimedia.org/wikipedia/en/e/e8/DrDoomSquirrels.gif
Dave
--
"Confound these wretched rodents! For every one I fling away,
a dozen more vex me!" -- Doctor Doom
_______________________________________________
Openbsd-newbies mailing list
[email protected]
http://mailman.theapt.org/listinfo/openbsd-newbies
