Hi,
On Fri, 8 Aug 2008, ahd71 wrote: > (..) except the possibility to encrypt files saved at the remote > host. In some case I do not trust the remote end and wants to have my > information encrypted in some way. Can you explain your situation a bit more? Do you own and administer the remote server, but do not trust its physical location or the people that might have access to the physical device? Or is the box just a remote server, administered by someone else, possibly shared with other untrusted people, etc. Using an encrypted file system at the remote end wouldn't help you much if anybody except you has administrative rights on the machine. Mounted encfs will be accessible as if it were just another file system. Guarding against people pulling your remote server out of a rack and copying your data can be done by using encrypted filesystems, but again only when you're the only root on the machine AND you can make absolutely sure that the filesystem password you enter remotely will indeed go the the mount command (and not to some tweaked password-stealing script) on your box. Guarding against casual users at the remote end is easy: just chmod the backup tree so it is only accessible by you. If you're just a user on some other server, local encryption (at the remote site) will not prevent the (remote) adminsitrator from looking at your data while the rdiff-backup process is processing the files in memory. Maybe something like network block devices with an encryption layer at the trusted side may be an option. Never tried, tho. HTH, Maarten _______________________________________________ rdiff-backup-users mailing list at [email protected] http://lists.nongnu.org/mailman/listinfo/rdiff-backup-users Wiki URL: http://rdiff-backup.solutionsfirst.com.au/index.php/RdiffBackupWiki
