From: Guillaume F. <gf...@lo...> - 2002-07-03 20:21:36
Hi all (again),

While playing with BackupPC, I realised that having a centralised backup server where all the important files are kept can represent a major security risk. If someone "roots" the backup server, the attacker has access to every important file in the business.

Wouldn't it be a good idea to use an encryption system so that only a particular user can restore their files? This could be done relatively easily using a public key system (PGP/GPG): every user has a private/public key pair. A copy of the user's public key is on the backup server. Before backuppc stores a file on disk, it encrypts it with the user's public key. The user's private key would be needed to restore the files.

It seems to me that it wouldn't break BackupPC's pooling mechanism as long as the md5 of the files is taken before they're encrypted.

I know that by having superuser access to the backup server, an attacker gets every computer's smb/ssh password in backuppc's config file and will eventually be able to access every file anyway. But he still would have to connect to every computer and download the files, rather than having instant access to all of them.

I'm not sure if it's worth the trouble to implement. I'm sure that there would be lots of problems like "I had not backed up my private key" or "I backed up my private key with my other files using backuppc."

Food for thought...
GFK's

--
Guillaume Filion
Logidac Tech., Beaumont, Québec, Canada - http://logidac.com/
PGP Key and more: http://guillaume.filion.org/ (this will redirect)
PGP Fingerprint: 14A6 720A F7BA 6C87 2331 33FD 467E 9198 3DED D5CA
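The scheme proposed in the message above, sketched as an added example (not part of the original post and not BackupPC code): pool entries are keyed by the MD5 of the plaintext, the file is encrypted once with a random session key, and that key is wrapped for each user who backed up the file, as GPG does with multiple recipients. The toy RSA keys, the SHA-256 keystream and the names `Pool`, `backup` and `restore` are assumptions chosen so the block runs with the Python standard library alone; they stand in for GPG and are not secure.

```python
import hashlib, os

def make_key(p, q, e=65537):
    # Toy textbook RSA from two small Mersenne primes; stand-in for a GPG key pair.
    n = p * q
    return {"pub": (n, e), "priv": (n, pow(e, -1, (p - 1) * (q - 1)))}

# Constructed sample users. The private halves would live on the users' machines.
KEYS = {"alice": make_key(2**127 - 1, 2**89 - 1),
        "bob": make_key(2**107 - 1, 2**61 - 1)}

def keystream_xor(key, data):
    # SHA-256 in counter mode as a stand-in symmetric cipher (same call decrypts).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class Pool:
    def __init__(self, pubkeys):
        self.pubkeys = pubkeys   # the server holds public keys only
        self.entries = {}        # md5(plaintext) -> {"ct": bytes, "wrapped": {user: int}}

    def backup(self, user, plaintext):
        digest = hashlib.md5(plaintext).hexdigest()  # taken before encryption
        entry = self.entries.setdefault(digest, {"ct": b"", "wrapped": {}})
        # The server cannot unwrap the old session key, but it holds the
        # plaintext right now, so it re-encrypts for old + new recipients.
        recipients = set(entry["wrapped"]) | {user}
        session = os.urandom(16)
        m = int.from_bytes(session, "big")
        entry["ct"] = keystream_xor(session, plaintext)
        entry["wrapped"] = {u: pow(m, self.pubkeys[u][1], self.pubkeys[u][0])
                            for u in recipients}
        return digest

def restore(entry, user, priv):
    # Runs on the user's side: only a holder of a wrapped key can decrypt.
    if user not in entry["wrapped"]:
        raise PermissionError(f"{user} is not a recipient of this pool entry")
    n, d = priv
    session = pow(entry["wrapped"][user], d, n).to_bytes(16, "big")
    return keystream_xor(session, entry["ct"])
```

The pool still stores one ciphertext per distinct file, but the plaintext MD5 used as the index stays visible to anyone who controls the server.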