Re:[091labs-public] Re: [galway-lug] Encrypting external HDD backups - suggestions?
3 views
Skip to first unread message
Pete
Jun 2, 2012, 1:46:56 PM6/2/12
to 091labs...@googlegroups.com
have a look at bacula also, it might be a bit too much for a single desktop as it us ment for multiple servers and has a learning curve, but it is very powerful and intelligent.
Aaron Hastings <aa...@091labs.com> wrote:
Many thanks to everyone for the excellent replies.
Here's my thoughts on the two main suggestions:
Deja Dup
I decided to use Deja Dup initially, as it came with Ubuntu and was the default backup solution. After only one or two backups, I decided to stop using it. The reasons were mostly based on feedback from existing users and from watching a video from UDS where Deja Dup was first suggested as a backup solution for Ubuntu.
My problem with 'Dup is that it only appears to be useful in the case of an absolute and catastrophic loss of all data. By its very design, it lacks the ability to read back individual files, seemingly making it an "everything or nothing" solution. This is because of how Duplicity works, by compressing and GPG encrypting blocks of files all at once. This isn't an acceptable solution to me, as I want full control over each individual file, even if it means decrypting Tar archives just to gain access to one .txt file.
TrueCrypt
I'll definitely be looking into TC based on the support some of you guys have given it. I suppose I was looking for a more manual solution in a sense. One where I know exactly what's happening and how, which is why I said I was open to - if a little weary of - writing my own scripts.
Mark - that last link you provided is very interesting and is very similar to what I was talking about in the above paragraph, i.e. writing my own scripts based around piping Tar, Gzip and Rsync commands into each other. I don't need a time-based solution, so I'll be leaving out the Cron element.
Cheers,
Aaron
On 28/05/12 23:55, Mark O'Connor wrote:
Aaron Hastings <aa...@091labs.com> wrote:
Many thanks to everyone for the excellent replies.
Here's my thoughts on the two main suggestions:
Deja Dup
I decided to use Deja Dup initially, as it came with Ubuntu and was the default backup solution. After only one or two backups, I decided to stop using it. The reasons were mostly based on feedback from existing users and from watching a video from UDS where Deja Dup was first suggested as a backup solution for Ubuntu.
My problem with 'Dup is that it only appears to be useful in the case of an absolute and catastrophic loss of all data. By its very design, it lacks the ability to read back individual files, seemingly making it an "everything or nothing" solution. This is because of how Duplicity works, by compressing and GPG encrypting blocks of files all at once. This isn't an acceptable solution to me, as I want full control over each individual file, even if it means decrypting Tar archives just to gain access to one .txt file.
TrueCrypt
I'll definitely be looking into TC based on the support some of you guys have given it. I suppose I was looking for a more manual solution in a sense. One where I know exactly what's happening and how, which is why I said I was open to - if a little weary of - writing my own scripts.
Mark - that last link you provided is very interesting and is very similar to what I was talking about in the above paragraph, i.e. writing my own scripts based around piping Tar, Gzip and Rsync commands into each other. I don't need a time-based solution, so I'll be leaving out the Cron element.
Cheers,
Aaron
On 28/05/12 23:55, Mark O'Connor wrote:
Duplicity ========= I see that others have recommended this, and it's GUI front end deja-dup. I haven't used this but looks like a great option for personal backups. I like it's built in support for upload to Amazon S3. Rsyncrypto ========== rsync friendly file encryption: http://rsyncrypto.lingnu.com/index.php/Home_Page http://archive09.linux.com/feature/125322 Encrypted remote file systems ====================== See the following article: http://balau82.wordpress.com/2009/08/23/secure-remote-storage-using-sshfs-and-encfs/ Basically mount an encrypted remote file system using Fuse and then use rsync locally to backup files. Old fashioned tar files ======================== You said you don't mind scripting? The following is an interesting read: http://anouar.im/2011/12/how-to-backup-with-rsync-tar-gpg-on-osx.html It's useful to keep on-line snapshots of your file system, similar to Apple's time-machine. Regards, MArk On Mon, 2012-05-28 at 22:11 +0100, Aaron Hastings wrote:Hi all, I backup my files regularly to my external HDD using rsync (through the Grsync frontend). I'd ideally like to encrypt these files once they're on the external drive and am looking for elegant solutions to do so. I've been working with and familiarizing myself with GnuPG of late, but my assumption is that if every file on the HDD was encrypted, it would first need to be decrypted with my private key before rsync could do anything with the files. Afterwards they would then need to be re-encrypted. I'm throwing it out to both the Galway Linux Users Group and 091 Labs public mailing lists to see what others suggest is the best way to go about this. I'm not totally opposed to writing my own rsync scripts, but if anyone has a more elegant solution (that guarantees the integrity and validity of my files pre and post-encryption) I'd be delighted to hear them! Cheers! Yours in blissful paranoia, Aaron
Richey Ward
Jun 3, 2012, 7:09:06 AM6/3/12
to 091labs...@googlegroups.com
Reading the good review of truecrypt here, I wiped my backup drive, and now exclusively use truecrypt and rsync on it. I've never lookeed back.
I was using deja-dup for a while, and was grand, but parts of it pissed me off. If you want incremented backups (so you can have old copies of files) then deja is worth a look, otherwise truecrypt and rsync.
Duncan Thomas
Jun 3, 2012, 7:31:40 AM6/3/12
to 091labs...@googlegroups.com
rbackup is one of the many tools that add incremental backup to rsync
without changing the main usecase much...
--
Duncan Thomas
without changing the main usecase much...
Duncan Thomas
Richey Ward
Jun 3, 2012, 12:20:20 PM6/3/12
to 091labs...@googlegroups.com
Nice one. I didn't know that this existed.
I installed rdiff-backup and once again, I've migrated my backup solution. This has the best of both worlds. Thanks for the heads up.
Reply all
Reply to author
Forward
0 new messages