Menu
▾
▴
Re: [Bacula-users] setting up an autochange in the cloud
|
From: Stefan G. W. <li...@xu...> - 2024-10-21 07:45:31
|
Am 20.10.24 um 20:13 schrieb Marcin Haba: >> There is an option "Volume encryption" in the cloud storage resource, I >> assume this would be redundant, right? > > This is the storage daemon data volume encryption directive. It is not > used for the file daemon encryption. > >> As far as I understand if the fd delivers encrypted data, it goes >> encrypted to the cloud storage, right? > > Yes, exactly like that. > In this encryption the file metadata is unencrypted but the file data is. So that means for best protection I would need "storage daemon data volume encryption"? Or even better: enable both? I assume enabling both would add overhead in terms of CPU usage etc Is there a working example somewhere? Just setting "Volume Encryption = yes" leads to issues labelling the volumes here, I assume that a keypair is needed somewhere. thanks |
