Has anybody looked at the experimental patch source-filter_dest-filter.diff?
I wonder how the efficiency of this compares to rsyncrypto. I was thinking
I could do something like:
rsync --times-only --source-filter='openssl enc -e -bf -pass env:PASSWORD'
My biggest concern is if it would transfer everything because the source
doesn't match the encrypted content on the destination.
Integrated Computer Technologies
From: Shachar Shemesh [mailto:shachar@...]
Sent: Sunday, September 16, 2007 4:58 AM
To: Stephen Zemlicka
Subject: Re: VSS support, On the Fly Encryption, Link to How-To/Examples
Stephen Zemlicka wrote:
> First, I use a patched rsync currently that can rsync open pst files
> and am looking to implement it with sql and exchange databases.
> Here's the link http://users.tkk.fi/~epenttil/rsync-vss/
> <http://users.tkk.fi/%7Eepenttil/rsync-vss/> Can that be implemented
> into rsyncrypto?
I have a few problems with accessing open files. The most important
problem is that there is no guarantee that the file does not change
WHILE WE ARE READING IT. This means that, for all practical backup
purposes, this is a convenience/reliability tradeoff I'm extremely
hesitant to make.
That said, I did not spot, while going over the patch, anything more
sinister done in order to read open pst files than calling CreateFile
with "FILE_SHARE_READ", which is something rsyncrypto is already doing.
If you can direct me to the place where the magic is done, I may reconsider.
> Second, is it possible or do you plan on making on the fly encryption
> with rsync possible? That would be awesome.
I'm very hesitant to merge rsyncrypto and rsync. On the other hand,
there are plans to allow stdin to stdout encryption using rsyncrypto
(not in 1.0, though, so it will take some time), and this should allow
you to either merge the two yourself, or use librsync instead of rsync
(http://librsync.sourceforge.net/). In other words, there are some
plans, but not near term.
> Finally, in one of the posts, someone asked how to use it and you
> mentioned there was a link to examples and tutorials on the man page.
> I can't find them, do you have a direct link? My problem is with the
> key. I've generated a password protected .pem file from openssl and
> assume that goes in for the key but I'm not sure what to use for the
> "master key".
>From the man page, under the "BUGS" section:
> It is not yet possible to decrypt using password protected private key
The problem is mostly to do with lack of time on my part, and some
problems with how to pass the password securely in the case of batch
operations (though, I solved similar problems for sshpass,
http://sourceforge.net/projects/sshpass, so it should be solvable).
> Thanks for the great program and keep up the good work. I too see
> this as being a staple in many IT professional's arsenal. I know I
> will be passing the word along.
Thanks. Rsyncrypto was, originally, developed as part of our own
commercial remote backup, so passing a link to http://www.lingnu.com too
would be appreciated :-). Rsyncrypto being free software, this is, of
course, not a requirement.