Encrypted backup


(Vasco) #1

Hi

Since the files are stored on an external box or in the cloud, it should be possible to encrypt them, as in Ubuntu desktop (which uses duplicity).


Disaster Recovery with mirror encrypted data
(Alessio Fattorini) #2

Currently no, I don’t know if @giacomo has any hint…


(Giacomo Sanchietti) #3

Yes, duplicity can encrypt the backup, but we don’t use it for a very simple reason: users usually lose their cryptographic keys. :smiley:

To add the encryption you should modify a couple of scripts. If you’re interested I can post the details, but be aware that you will lose these changes if the RPM is updated.


(Vasco) #4

Hi Giacomo,

[Keepass](http://keepass.info/) and [Keepassx](https://www.keepassx.org/) are great password managers. :slight_smile:

Encryption should be an option. Everyone stores data in clouds these days and no one knows how the storage providers handle data security.

If you send me the script changes and the changes work with the updated RPMs, I don’t have any problem with that.


(Giacomo Sanchietti) #5

You need to remove the “--no-encryption” option from the following files:

  • /etc/e-smith/events/actions/backup-data-duplicity
  • /etc/e-smith/events/actions/cleanup-data-duplicity
  • /etc/e-smith/events/actions/restore-config-duplicity
  • /etc/e-smith/events/actions/restore-data-duplicity

Duplicity should run an encrypted backup on the first run.
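
Added example, not part of the post above or of NethServer's code: a shell helper that reports which of the four action scripts listed in post #5 still pass `--no-encryption` and strips the option while keeping a `.orig` copy. It assumes the option appears as a bare word on a command line inside each script; the function names and the `ACTIONS_DIR` variable are hypothetical.

```shell
#!/bin/sh
# Added example: not NethServer's own code.
# Assumption: --no-encryption appears as a bare word on a command line
# inside each script; review the diff against .orig before running a backup.

# The four action scripts listed in post #5.
ACTIONS="backup-data-duplicity cleanup-data-duplicity
restore-config-duplicity restore-data-duplicity"
ACTIONS_DIR="${ACTIONS_DIR:-/etc/e-smith/events/actions}"   # hypothetical override

# Print the name of every listed script that still passes --no-encryption,
# e.g. after an RPM update has put the packaged version back.
unencrypted_actions() {
    ua_dir="$1"
    for ua_name in $ACTIONS; do
        [ -f "$ua_dir/$ua_name" ] || continue
        if grep -qF -e '--no-encryption' "$ua_dir/$ua_name"; then
            echo "$ua_name"
        fi
    done
}

# Strip the option from each affected script, keeping the original as
# <script>.orig. Rewriting in place preserves the script's mode and owner.
strip_no_encryption() {
    sn_dir="$1"
    for sn_name in $(unencrypted_actions "$sn_dir"); do
        sn_file="$sn_dir/$sn_name"
        cp -p "$sn_file" "$sn_file.orig"
        sed -e 's/[[:space:]]*--no-encryption//g' "$sn_file.orig" > "$sn_file"
        echo "patched: $sn_file"
    done
}

# Usage: sh duplicity-encryption.sh check|patch [directory]
case "${1:-}" in
    check) unencrypted_actions "${2:-$ACTIONS_DIR}" ;;
    patch) strip_no_encryption "${2:-$ACTIONS_DIR}" ;;
esac
```

Running `check` after each RPM update shows whether the packaged scripts have replaced the edited ones, which is the loss of changes post #3 warns about.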


(Stéphane de Labrusse) #6

+1

@davidep @giacomo is it possible to get this option as a standard?


(Giacomo Sanchietti) #7

Be aware that duplicity will ask you to type the GPG password every time.

I think it is, but we need a little bit of code to handle GPG key generation and avoid the password request.
Is anyone else interested in this feature?


(Vasco) #8

@giacomo

Thanks for the configuration.
If I understand, I need to supply every backup with the key and it will be entered manually, yes?

I’m interested in having this option as a standard


(Michele Bortolotto) #9

It would be good if we could choose whether or not to get the encryption (a checkbox, for example)


(Mark Edworthy) #10

I use PGP to sign and / or encrypt files and e-mail quite often, I was just considering the usage of Truecrypt or EncFS as an alternative


(Michele Bortolotto) #11

Btw it’s a good option +1 for me


(Giacomo Sanchietti) #12

You have to manually type the password every time.
Duplicity has an option to avoid password request but I didn’t study it.


(Giacomo Sanchietti) #13

It seems there is interest for encrypted backup support, so we need to dig a bit into duplicity and find a simple way to script the GPG management process.

But I still have a big doubt: what happens in case of disaster recovery?
Your machine suddenly dies and you must restore configuration and data.
If the backup is not encrypted, the sysadmin can configure the data backup and quickly restore the configuration from there (and then proceed with the slow process of restoring data).

But if the data backup is encrypted, and the configuration backup hasn’t been stored anywhere else, how can we restore the configuration backup? Where is the GPG key saved?
Does the sysadmin have to copy the GPG key to a well-known place using SSH?

If the sysadmin hasn’t saved GPG keys in a safe location, all data are lost!

Any better solutions or ideas?


(Stéphane de Labrusse) #14

Does a car fail to start if your seat belt is not fastened?

I’m not sure, but in fact a big warning and a documented howto could do the trick, and after all a sysadmin is a responsible adult.


(Michele Bortolotto) #15

@stephdl you’re a very optimistic person :smiley:


(Stefano) #16

my 2c:

data encryption should be done externally… I mean: backup should be unencrypted… if I (the sysadmin) want encryption, I have to do it with my preferred tool… in this way all the responsibility is on my shoulders.
tools like NS (i.e. highly “automated”) could be “diseducational” and we should always remember that we’re talking about an ENTERPRISE product… we should help sysadmins, not substitute them

all IMVHO


(Stéphane de Labrusse) #17

not at all, a realistic freedom lover :slight_smile:


(Vasco) #18

Ok, thanks

Backup settings with that option are the way to go, I think

Whoever chooses an encrypted backup enters the key.
Whoever doesn’t want it does not enter the key, and the backup is unencrypted


(Kristian Malvander) #19

I would love to be able to encrypt the backups as an option. +1


(Mark Edworthy) #20

I agree, GPG keys would be a better alternative than password-based backups.