ecryptfs-users team mailing list archive
-
ecryptfs-users team
-
Mailing list archive
-
Message #00063
Re: Remote encrypted backups with ecryptfs, rsync, rdiff-backup & ssh?
Quoting John Magolske (listmail@xxxxxxx):
> Hi,
>
> I'd like to create encrypted backups onto a remote server in such a
> way that the remote server never sees anything unencrypted. The idea
> would be to sync my home directory onto a local drive (using rsync or
> rdiff-backup) into a directory that gets encrypted by ecryptfs, then
> rsync that encrypted directory up to a remote server via ssh:
>
> (A) Simple mirror:
>
> % sudo mount -t ecryptfs /drive/encrypt /drive/decrypt
> % rsync -av --delete /home/john /drive/decrypt
> % sudo umount -i /drive/decrypt
> % rsync -av --delete -e ssh /drive/encrypt user@xxxxxxxxxxxxxx:/backup
Should be fine. I do effectively this for several directories.
> (B) Mirror with increments using rdiff-backup:
>
> % sudo mount -t ecryptfs /drive/encrypt /drive/decrypt
> % rdiff-backup /home/john /drive/decrypt
> % sudo umount -i /drive/decrypt
> % rsync -av --delete -e ssh /drive/encrypt user@xxxxxxxxxxxxxx:/backup
Should be fine. Haven't used rdiff-backup in 4 or 5 years, but
there should be nothing stopping it from working.
> (C) Use sshfs to mount the remote encrypted backup & decrypt it locally:
>
> % sshfs user@xxxxxxxxxxxxxx:backup /remote-encrypt
> % sudo mount -t ecryptfs /remote-encrypt /remote-decrypt
> % cd /remote-decrypt
I don't know how sshfs works in the background, but this one
would worry me.
-serge
References