--ieNMXl1Fr3cevapt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Curt Sampson (cjs@cynic.net) wrote:
=20
> I currently back up some of my systems by using dump, piping that
> through gzip, and then piping that into an ssh which, on the remote
> machine, terminates in a special script to drop the file in the
> appropriate place on the disk.=20

I dump my /home to /usr/backup, encrypt it, create a SHA1 hash=20
and transfer it to my server, where another SHA1 hash is created and
compared with the old one to ensure there were no errors during
networktransfer.

> Second, I'd like to encrypt these backups, since it's looking like it wou=
ld
> be more convenient for me to leave them on a machine which, unfortunatey,
> has a certain amount of public access. Does anyone have any suggestions on
> what to use?

If you just want to use symmetric encryption, I would suggest mcrypt, It's
available on pkgsrc/security and I use it for my backups to, it's fast with
AES-256 and I guess this should be enough.

But you should keep in mind that one single twisted bit can blow the whole
encrypted archive to kingdom come.=20

Another possibility would be to set up an encrypted directory using
pkgsrc/security/cfs, where your archives are to be stored.


Stefan
--=20
I have lost the will to live
Simply nothing more to give
There is nothing more for me
Need the end to set me free      - METALLICA

--ieNMXl1Fr3cevapt
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQE/eYmfEfTEHrP7rjMRAgz5AJ9T6yqnxl+nhvMgs/NHEo1fnZJwNwCfayGf
dCINUWft9lS1WpSnBP45Nns=
=mwBB
-----END PGP SIGNATURE-----

--ieNMXl1Fr3cevapt--