duplicity-talk

Re: [Duplicity-talk] Asymmetric backups broken in 0.6.15?


From: Martin Pool
Subject: Re: [Duplicity-talk] Asymmetric backups broken in 0.6.15?
Date: Fri, 2 Sep 2011 18:01:38 +1000

> In any case, it is not possible for me to have my encryption passphrase in
> plain text on the server

It sounds like you're trying to have the backup source machine able to
write encrypted data but not read it back.  I don't know if this is
going to work in duplicity because the source machine needs to be able
to read the previous increments to work out what it's going to send
and to calculate the deltas.  So even if you're using an asymmetric
encryption key, it needs both the public and private halves as far as
I know.

> Having my encryption passphrase in plain text on the server compromises my 
> backups if the encryption key is somehow leaked.

Well, specifically it means that if someone breaks into the source
server, they'll be able to read all the backed-up history of that
server.  That's not great, but to me it's only slightly bad because
they can already directly read all the current contents of the files
off the source server, and mess with it in other ways.

Note that there's no need to have the keys on the machine holding the
backups and breaking in there shouldn't let them read anything (though
perhaps they can delete or damage your backups.)

Martin


