provide a simple script to allow people to tar/encrypt/backup their important directories #11
Comments
|
Precursor Q: Are you going with disk encryption? |
|
Firstly, thank you for your support and participation with this project so far kyle0r! You make this project a lot more fun, so thank you! :) Given that users are encrypting their file before uploading, I haven't heard a motivating case for disk encryption. |
|
All good, interesting project to input on :) Its the kinda thing I'd do if I had the time/hardware/etc. So its nice to give input on something I can't do myself but might be able to help other with, perhaps selfish and unselfish at the same time ?! :) On the disk crypt stuff, I understand, I guess it would be nice to say "your stuff encrypted" on our end, which adds a physical layer of security, should the server physically be lifted for some reason. In the physical breach worst case, this would protect users where their choice was none or partial crypting of their stuff prior/during upload. I'd still encourage/provide the facility for people to self-crypt their stuff too, to avoid issues of the server is breached while online. Ideally this will be done with a crypt key that on the user has/knows. Additional thought, you could run a sweep on uploads mime types on an interval, and advise if you detect non-crypted files. Perhaps even educating users that non-crypted files are auto-removed after X hours to avoid the risk to peoples data? I've been thinking how one could hook uploads and encrypt them on the users behalf, but I've not thought of a way to do that without a shared key, the obvious disadvantage with shared keys is who has access to decrypt the data, its a weaker approach imho. Perhaps a clever client side script is the best approach, you could even code things so only the script, or something that meets the scripts minimum security spec could actually upload. i.e. purge insecure uploads or such. It would probably be fairly easy to add a signature to things uploaded via the script, so you could check uploads for 1) encryption and 2) the uploader script signature, to be able to say "this file was safely uploaded". Thinking out loud, I guess the upload script, when used the first time, would prompt the user to set up their encryption and security settings, etc. That was a bit of brain dump, hope it helps some |
Interesting idea!
yeah, I'd like to stick with guaranteed data privacy those are good ideas with the script walking through the encryption and stuff, I'll rough something out! |
|
Somebody has contributed a beginning to this at http://wiki.tarbackup.com/index.php?title=Main_Page#Script_All_the_Things |
|
A sample 'backup script' written in python http://piqd.com/api?g=02ACDB2B-D13D-45D3-A8DD-EC6ABACC2F2E since it uses the curl interface for uploads, it only supports 200MB backups, but it can be updated to support sftp like the Script_All_the_Things script does example usage is: |
No description provided.
The text was updated successfully, but these errors were encountered: