From: Arnold K. <ar...@ar...> - 2012-01-31 23:07:45
|
On Tuesday 31 January 2012 13:36:13 Joe Konecny wrote: > In an effort to fulfill an offsite backup requirement I had the idea to > place a password protected tar archive onto one or more of our users > laptops. The laptops are taken home each night and it would be quick to > ftp the archive sometime during the day. > > Does anyone think this is a bad idea? Replace that "password protected" by "gpg encrypted" and you get a good idea. A very good idea is when the private key is only on a secure machine in the admins possesion (and on an encrypted stick at the bosses home), only the public key is needed to encrypt the backup. Then the decryption can only be done with the private key. And onced you had to use that for a restore, you generate (and use!) a new key-pair for the new backups. Have fun, Arnold |