[prev in list] [next in list] [prev in thread] [next in thread]
List: tarsnap-users
Subject: Re: Automated tarsnap backups.
From: Nick Sivo <nick () ycombinator ! com>
Date: 2014-02-14 18:52:37
Message-ID: CAM72HBbj=m4A4q4aBU9QW_b9u4xYnhjQofa=av2J+=6pU8fxxg () mail ! gmail ! com
[Download RAW message or body]
I perform 4 automated backups per day. I used tarsnap-keymgmt to make
a key with only rw access. My thinking:
* Access to the key (root on the server) implies access to the data on
the server, so read is already granted.
* Write since it's needed to make backups.
In this case the only thing worse than getting root on the box (and
reading the tarsnap key) would be deleting the data *and* all backups,
which this specifically prevents.
-Nick
On Fri, Feb 14, 2014 at 10:43 AM, Joshua Kolash <joshua.kolash@gmail.com> wrote:
> Curious Question for people who use tarsnap for automated backups.
>
> I assume most people just have the keyfile as unencrypted, as it doesn't
> require any prompting.
>
> Does anyone keep the keyfile encrypted and have automated backups?
>
> I'm imagining the following server setup.
>
> Have a BackupBox with the encrypted keyfile and the backup contents.
>
> Have a PasswordBox with the password to the keyfile and have the PasswordBox
> simply ssh into the BackupBox and enter the password into tarsnap on a
> regular basis. The PasswordBox can then be sealed off except for
> re-initializing the password and ssh schedule. In effect it is like having a
> single purpose ssh-agent that lasts forever for narrowly defined tasks.
>
> Does anyone do anything like this? Or is this needless complexity for little
> if any security gain? You still need to trust BackupBox to not be evil.
>
> As I want automated backups I think the only point to encrypting the keyfile
> would be for the printed paper backup.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic