ecryptfs-users team mailing list archive

[John Magolske <listmail@xxxxxxx>]

* Dustin Kirkland <kirkland@xxxxxxxxxx> [110214 09:41]:
> On Sun, Feb 13, 2011 at 8:32 PM, John Magolske <listmail@xxxxxxx> wrote:
> > I'd like to create encrypted backups onto a remote server in such a
> > way that the remote server never sees anything unencrypted. The idea
> > would be to sync my home directory onto a local drive (using rsync or
> > rdiff-backup) into a directory that gets encrypted by ecryptfs, then
> > rsync that encrypted directory up to a remote server via ssh:
> 
> Your examples would work.
> 
> However, it can be much simpler than that if you're using an eCryptfs
> encrypted home director.
> 
> In that case, you just need:
>  $ rsync -aP $HOME/.Private/ example.com:/srv/backup/

I see, that makes sense. 

> All of the data in .Private is already encrypted. No decrypted
> information (or keys) would ever end up on the backup server.
> This is exactly what I do, FWIW.

Would filename encryption impact the rsync process in any way? Another
issue related to filename encryption would be retrieving files. If all
file & directory names are encrypted, it seems that to retrieve any
particular file would involve retrieving the entire ***GB chunk and
decrypting it locally. This is why I'm hoping the sshfs scenario might
work. I'll give it a try when I get a remote set up, just curious if
anyone has experience decrypting a remote directory locally via sshfs,
and if there might be any security issues related to that approach.

Regards,

John

-- 
John Magolske
http://B79.net/contact