On 05/07/2017 05:23 PM, Andrew David Wong wrote: > > I prefer the security of qvm-backup[-restore], since it allows me to > keep the vault and its contents permanently offline. The entire VM is > BZIP compressed, AES-256 encrypted, and HMAC-SHA512 authenticated. The > integrity verification, authentication, and decryption all happen at > the dom0 level. The backup is tiny, so the storage overhead is > inconsequential, and there's no need to worry about file-level > metadata leakage or the backup file itself being used as an attack > vector. KeePassX has sufficient built-in versioning for me, and it's > easy enough to sync Qubes backups across machines with simple scripts.
Git push takes 5 seconds. qvm-backup requires anywhere between minutes and many hours. Additionally, it requires the target VM be off. Weekly backups are served okay by qvm-backup (I say "okay" because I have a borg backup setup on my Qubes OS system, and it's far more usable and performant than qvm-backup). Git push is much better suited to, say, syncing your keyring to other systems. -- Rudd-O http://rudd-o.com/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6da3112a-4873-bc02-4cac-34bf329c4a63%40rudd-o.com. For more options, visit https://groups.google.com/d/optout.