Automating backups to an encrypted drive
lanas
lanas at securenet.net
Sun Jan 27 03:13:43 UTC 2008
On Saturday, 26 January 2008 22:58:01 +0000,
Alan Cox <alan at lxorguk.ukuu.org.uk> wrote :
Sorry for the earlier private-only reply as Syöpheed Claws sometimes
takes only the private maila ddress for replys. I always have to
verify before sending which is something I'm not still used to do.
> You want any backup drive physically removed and unconnected most of
> the time or a PSU failure/nearby lightning strike will blow both the
> original disk and backup disk to kingdom come at once.
That's also a very good reason. Encryption is thought of as an add-on
because the drives are rotated off-site. Since the drive are
traveling, might as well add encryption. I ran some tests with
dm-crypt and it's surprising how little overhead encryption incurs. In
one instance, a 2GB copy to an encrypted partition was 1 second faster
than to a regular partition (with machine reboots in between just to be
sure no cache mechanism gets in the way).
Add to that all the recurring news stories about laptops stolen or lost
and some such involving lost data of various kind, encryption then makes
a lot of sense.
I guess there's no other way than having the password in clear text in
a script. The script could be then be made readable only by root,
everybody else gets a permission denied. That could perhaps suffice.
Cheers,
Al
More information about the fedora-list
mailing list