Menu
▾
▴
Re: [Bacula-users] tape Encryption questions.
|
From: Landon F. <la...@op...> - 2006-10-21 23:40:59
|
On Oct 5, 2006, at 11:21 AM, Deric Abel wrote: > Hello all, Two questions -: > > 1. Is the tape encryption all or nothing, or is it possible to > pick and > choose what files/directories are or are not? If so, how? The file daemon encryption is all-or-nothing. > > 2. If a disaster occurred and all you had was the master key (lost > the > individual client .pem file), how would you go about restoring data > from > an encrypted tape? (if this is documented somewhere, forgive the > question and point me in the right direction.) This is the worst-case scenario -- you should endeavor to back up individual client keys to a CD, offsite. If you need to restore with only the master key, you will need to restore to a File Daemon that references the keypair via the PKI Keypair directive. -landonf |