[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [rdiff-backup-users] Information

From: Dominic Raferd
Subject: Re: [rdiff-backup-users] Information
Date: Tue, 04 Jun 2013 15:51:25 +0100
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6

Bonjour Ibrahim

rdiff-backup does not have any built-in encryption. Also based on my experience rdiff-backup should not be run directly over the internet, it should be run on a lan (or of course a single machine) and then the rdiff-backup repository (archive) mirrored over the internet using rsync. This works very well for maintaining offsite data backup and the internet transmission is secured with ssh. This approach is used by my TimeDicer package (http://www.timedicer.co.uk). However this assumes that both source and destination are secure.

It is possible to wrap rdiff-backup in some encryption e.g. with encfs or ecryptfs. Another option is to look at project duplicity http://duplicity.nongnu.org/. Duplicity grew out of rdiff-backup, however: -rdiff-backup's archives are meant to be as easy to view as possible, while duplicity's are as hard to view as possible and can be encrypted with GnuPG - duplicity saves data in the more conventional full+forward delta format instead of rdiff-backup's mirror+reverse deltas - rdiff-backup requires another copy of rdiff-backup on the remote destination, while duplicity currently supports local file storage, scp/ssh, ftp, rsync, HSI, WebDAV, Tahoe-LAFS, and Amazon S3

Note: the use of forward delta/diff format by duplicity means that recovering data from the most recent incremental backup requires a complete undamaged set of incremental backups from the original full backup until the most recent date; in order to reduce this dependency and the associated risk many duplicity users carry out new full backups every month or so, but this means you lose all your older backups (or if you retain them and create a parallel new archive you lose most of the advantage of the delta storage). rdiff-backup, by contrast, stores the most recent backup 'in the clear' so it is always easy to retrieve (not even requiring the use of rdiff-backup itself), and the backup increments apply in reverse order, so most recent backups are inherently safer and older backups more vulnerable.


On 04/06/2013 19:25, Ibrahim Dembele wrote:
Good morning Sir,

I am working on a project which consist to use rdiff-backup to make
backup of data on line.
So looking on internet i don't find anyway if rdiff-backup can make
encryption component
of data send

Reason why i contact you, thank you for yor help.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]