[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Why should i sign my backup
From: |
Yves Goergen |
Subject: |
Re: [Duplicity-talk] Why should i sign my backup |
Date: |
Tue, 21 Sep 2010 20:28:19 +0200 |
User-agent: |
Thunderbird 2.0.0.24 (Windows/20100228) |
On 21.09.2010 16:26 CE(S)T, Martin Basting wrote:
> I am exploring duplicity for a few days now, but is till have one question.
> Why should i use the --sign-key command?
> The only thing that i can imagine is that you can check the integrity of
> the backup.
> But does it has any other advantages? Because you have to place a
> password in you script i would say that it even is unsecure.
I think you may not trust that signature if *your* server was hacked,
but you could very well trust it if only the backup location was hacked.
Although I believe it is very unlikely that somebody could manipulate
your backup in a reasonable way if it's entirely encrypted again. To
manipulate things, you usually read them and write back small modifications.
--
Yves Goergen "LonelyPixel" <address@hidden>
Visit my web laboratory at http://beta.unclassified.de