RE: VSS support, On the Fly Encryption, Link to How-To/Examples
Brought to you by:
thesun
From: Stephen Z. <ste...@gm...> - 2007-09-18 23:40:33
|
Has anybody looked at the experimental patch source-filter_dest-filter.diff? I wonder how the efficiency of this compares to rsyncrypto. I was thinking I could do something like: export PASSWORD=foo rsync --times-only --source-filter='openssl enc -e -bf -pass env:PASSWORD' <...> My biggest concern is if it would transfer everything because the source doesn't match the encrypted content on the destination. _____________________________ Stephen Zemlicka Integrated Computer Technologies PH. 608-558-5926 E-Mail ste...@gm... -----Original Message----- From: Shachar Shemesh [mailto:sh...@sh...] Sent: Sunday, September 16, 2007 4:58 AM To: Stephen Zemlicka Cc: rsy...@li... Subject: Re: VSS support, On the Fly Encryption, Link to How-To/Examples Stephen Zemlicka wrote: > > First, I use a patched rsync currently that can rsync open pst files > and am looking to implement it with sql and exchange databases. > Here's the link http://users.tkk.fi/~epenttil/rsync-vss/ > <http://users.tkk.fi/%7Eepenttil/rsync-vss/> Can that be implemented > into rsyncrypto? > I have a few problems with accessing open files. The most important problem is that there is no guarantee that the file does not change WHILE WE ARE READING IT. This means that, for all practical backup purposes, this is a convenience/reliability tradeoff I'm extremely hesitant to make. That said, I did not spot, while going over the patch, anything more sinister done in order to read open pst files than calling CreateFile with "FILE_SHARE_READ", which is something rsyncrypto is already doing. If you can direct me to the place where the magic is done, I may reconsider. > > > > Second, is it possible or do you plan on making on the fly encryption > with rsync possible? That would be awesome. > I'm very hesitant to merge rsyncrypto and rsync. On the other hand, there are plans to allow stdin to stdout encryption using rsyncrypto (not in 1.0, though, so it will take some time), and this should allow you to either merge the two yourself, or use librsync instead of rsync (http://librsync.sourceforge.net/). In other words, there are some plans, but not near term. > > Finally, in one of the posts, someone asked how to use it and you > mentioned there was a link to examples and tutorials on the man page. > I can't find them, do you have a direct link? My problem is with the > key. I've generated a password protected .pem file from openssl and > assume that goes in for the key but I'm not sure what to use for the > "master key". > >From the man page, under the "BUGS" section: > It is not yet possible to decrypt using password protected private key The problem is mostly to do with lack of time on my part, and some problems with how to pass the password securely in the case of batch operations (though, I solved similar problems for sshpass, http://sourceforge.net/projects/sshpass, so it should be solvable). > > > > Thanks for the great program and keep up the good work. I too see > this as being a staple in many IT professional's arsenal. I know I > will be passing the word along. > Thanks. Rsyncrypto was, originally, developed as part of our own commercial remote backup, so passing a link to http://www.lingnu.com too would be appreciated :-). Rsyncrypto being free software, this is, of course, not a requirement. Shachar |