[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Duplicity for this?
|
From: |
edgar . soldin |
|
Subject: |
Re: [Duplicity-talk] Duplicity for this? |
|
Date: |
Sat, 29 Mar 2014 10:15:40 +0100 |
|
User-agent: |
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 |
On 29.03.2014 01:59, Grant wrote:
> I have three systems in three locations. Two of the systems contain
> important data that needs to be backed up. I was thinking the two
> important systems could push to the unimportant system and then pull
> each other's data from there. That way the only accessible system is
> the unimportant system.
duplicity makes secure backups to potentially insecure (remote) file storages.
so generally speaking, yes.
using the accessible machine as peering location is kind of dangerous as you
might mirror tampered (corrupted) backups to your other machines in case
someone broke in there.
> Is duplicity a good fit for this? Is it a better choice than incremental tar?
can you encrypt incremental tar's?
you might also want to consider
http://liw.fi/obnam/
here's a list of backup programs to go through
https://wiki.archlinux.org/index.php/Backup_Programs
> Previously I was planning on rsyncing but I would like the data to be
> encrypted at rest. I was planning to rsync to an accessible location
> on the destination system and then run rdiff-backup from that location
> to an inaccessible location on the same system so old versions of the
> data would be clean if the private SSH key were compromised. Can I
> accomplish something similar when using duplicity instead of rsync?
>
dunno what you mean here.
there is no "inaccessible location on a same machine". you'll have to assume
your intruder has a privilege escalation exploit and go everywhere.
.. ede/duply.net