rsyncrypto-devel Mailing List for rsync friendly file encryption (Page 21)
Brought to you by:
thesun
Menu
▾
▴
rsyncrypto-devel — Development discussions, bug reports, and announcements for rsyncrypto
You can subscribe to this list here.
| 2005 |
Jan
|
Feb
|
Mar
(2) |
Apr
(2) |
May
(7) |
Jun
(5) |
Jul
(12) |
Aug
(29) |
Sep
(6) |
Oct
(5) |
Nov
(18) |
Dec
(4) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2006 |
Jan
(13) |
Feb
(3) |
Mar
|
Apr
(5) |
May
(6) |
Jun
(8) |
Jul
|
Aug
(1) |
Sep
(3) |
Oct
(2) |
Nov
(23) |
Dec
(2) |
| 2007 |
Jan
(47) |
Feb
(4) |
Mar
(4) |
Apr
|
May
|
Jun
(8) |
Jul
(2) |
Aug
|
Sep
(6) |
Oct
|
Nov
(24) |
Dec
(17) |
| 2008 |
Jan
(4) |
Feb
(22) |
Mar
(25) |
Apr
(19) |
May
(76) |
Jun
(34) |
Jul
(18) |
Aug
(2) |
Sep
|
Oct
(4) |
Nov
|
Dec
(3) |
| 2009 |
Jan
|
Feb
(13) |
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
(9) |
Aug
(7) |
Sep
(2) |
Oct
(3) |
Nov
|
Dec
(4) |
| 2010 |
Jan
|
Feb
(4) |
Mar
|
Apr
(3) |
May
(3) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(7) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(3) |
Dec
(1) |
| 2014 |
Jan
|
Feb
|
Mar
(14) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
| 2015 |
Jan
|
Feb
(6) |
Mar
(2) |
Apr
|
May
|
Jun
(4) |
Jul
|
Aug
|
Sep
(4) |
Oct
(1) |
Nov
|
Dec
|
| 2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(5) |
Dec
|
| 2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
(5) |
Oct
|
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(3) |
Oct
(7) |
Nov
|
Dec
|
| 2019 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(7) |
Dec
|
|
From: Shachar S. <rsy...@sh...> - 2006-01-13 21:58:40
|
Gerald Boersma wrote: >Shachar: > > >Yup, it is part of the standard gzip. That was a waste of time... > > Glad to be of service :-) >>This means you could have just done "apt-get >>install rsyncrypto"... :-) >> >> > >Version 0.13. > So long as you did not waste time twice... :-) > I really wanted the filename encryption, so I built 0.16 >myself. > > Good practice, as I'll probably want you to test the fix before I release a new rsyncrypto. >BTW, I have also built and patched argtable. If I specify rsyncrypto >with no options, I still get a segfault. > I know. It's due to the fact that with no proper argument checking, rsyncrypto then tries to use an empty private key, which causes openssl to segfault. The exception based error handling was introduced after that code was written, and with so many fundemental features still missing, I never got around to fixing it. To me, making sure that rsyncrypto works when all arguments are correct is so much more important than making rsyncrypto detect user errors that some things got pushed aside. Sorry. > As long as I specify an option, >(e.g. --help), I no longer get the fault. > > You can also use the newer version of argtable. I have not gotten around to creating a deb for it (if you're reading this, Steward, then at least know I feel guilty). >Thanks for your contribution and help. Much appreciated. > > Thanks. It's great to know you do something that people find useful. >Cheers, >Gerald > > -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html |
|
From: Gerald B. <ge...@le...> - 2006-01-13 17:36:26
|
Shachar: Thanks for the quick response. > Actually, Ubuntu is Debian based, which means that the built-in gzip > probably has the relevant patch already. Run "gzip --rsyncable" on your > standard gzip, if it worked, you needn't have bothered. No harm done, > one way or the other. Yup, it is part of the standard gzip. That was a waste of time... > BTW, what version of rsyncrypto does Ubuntu universe carry at the > moment? As Debian Sid carries 0.16, I would have expected Ubuntu > Universe to carry it too. This means you could have just done "apt-get > install rsyncrypto"... :-) > Version 0.13. I really wanted the filename encryption, so I built 0.16 myself. BTW, I have also built and patched argtable. If I specify rsyncrypto with no options, I still get a segfault. As long as I specify an option, (e.g. --help), I no longer get the fault. Thanks for your contribution and help. Much appreciated. Cheers, Gerald On Fri, 2006-13-01 at 15:01 +0200, Shachar Shemesh wrote: > Gerald Boersma wrote: > > >RE: rsycrypto v0.16 compiled for Ubuntu Breezy 5.10, with gzip > >re-compiled with rsync patch as per instructions. > > > > > Actually, Ubuntu is Debian based, which means that the built-in gzip > probably has the relevant patch already. Run "gzip --rsyncable" on your > standard gzip, if it worked, you needn't have bothered. No harm done, > one way or the other. > > BTW, what version of rsyncrypto does Ubuntu universe carry at the > moment? As Debian Sid carries 0.16, I would have expected Ubuntu > Universe to carry it too. This means you could have just done "apt-get > install rsyncrypto"... :-) > > >New file name encryption options are useful. However, I am having > >problems decrypting files where the name has been encrypted. > > > >For example, I encrypt files as follows: > > > >rsyncrypto --name-encrypt=backup/names -c --delete-keys -v -r > >data/personal backup/files/data/personal backup/keys/data/personal > >backup/backup.key > > > >and then try to restore them as follows: > > > >rsyncrypto --name-encrypt=backup/names -v -r -d > >backup/files/data/personal data/personal backup/keys/data/personal > >backup/backup.key > > > >and I get the following error: > > > >Filename translation not found(D983AC51E949450A91A507289505A733): > >Success > > > > > Yes, I get a similar problem when I go through a similar path. > > The directory recursion code in rsyncrypto was greatly complicated as a > result of the file name encryption option. Consider this bug report > acknowledged, and give me some time to try and track it down. Thank you > very much for your report. > > >I get the same error if I try again without specifying a filename for > >the --name-encrypt option (just -n option). > > > > > Yes, the way by which you tell it to encrypt file names does not change > rsyncrypto's behavior when it does. > > >Any ideas? > > > > > I'll get back to you as soon as I can. > > >Thanx, > >Gerald > > > >Gerald Boersma > >Leading Light Consulting Inc. > >Vancouver, BC Canada > > > > > Shachar > |
|
From: Shachar S. <rsy...@sh...> - 2006-01-13 13:01:20
|
Gerald Boersma wrote: >RE: rsycrypto v0.16 compiled for Ubuntu Breezy 5.10, with gzip >re-compiled with rsync patch as per instructions. > > Actually, Ubuntu is Debian based, which means that the built-in gzip probably has the relevant patch already. Run "gzip --rsyncable" on your standard gzip, if it worked, you needn't have bothered. No harm done, one way or the other. BTW, what version of rsyncrypto does Ubuntu universe carry at the moment? As Debian Sid carries 0.16, I would have expected Ubuntu Universe to carry it too. This means you could have just done "apt-get install rsyncrypto"... :-) >New file name encryption options are useful. However, I am having >problems decrypting files where the name has been encrypted. > >For example, I encrypt files as follows: > >rsyncrypto --name-encrypt=backup/names -c --delete-keys -v -r >data/personal backup/files/data/personal backup/keys/data/personal >backup/backup.key > >and then try to restore them as follows: > >rsyncrypto --name-encrypt=backup/names -v -r -d >backup/files/data/personal data/personal backup/keys/data/personal >backup/backup.key > >and I get the following error: > >Filename translation not found(D983AC51E949450A91A507289505A733): >Success > > Yes, I get a similar problem when I go through a similar path. The directory recursion code in rsyncrypto was greatly complicated as a result of the file name encryption option. Consider this bug report acknowledged, and give me some time to try and track it down. Thank you very much for your report. >I get the same error if I try again without specifying a filename for >the --name-encrypt option (just -n option). > > Yes, the way by which you tell it to encrypt file names does not change rsyncrypto's behavior when it does. >Any ideas? > > I'll get back to you as soon as I can. >Thanx, >Gerald > >Gerald Boersma >Leading Light Consulting Inc. >Vancouver, BC Canada > > Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html |
|
From: Gerald B. <ge...@br...> - 2006-01-13 05:34:31
|
RE: rsycrypto v0.16 compiled for Ubuntu Breezy 5.10, with gzip re-compiled with rsync patch as per instructions. New file name encryption options are useful. However, I am having problems decrypting files where the name has been encrypted. For example, I encrypt files as follows: rsyncrypto --name-encrypt=backup/names -c --delete-keys -v -r data/personal backup/files/data/personal backup/keys/data/personal backup/backup.key and then try to restore them as follows: rsyncrypto --name-encrypt=backup/names -v -r -d backup/files/data/personal data/personal backup/keys/data/personal backup/backup.key and I get the following error: Filename translation not found(D983AC51E949450A91A507289505A733): Success I get the same error if I try again without specifying a filename for the --name-encrypt option (just -n option). Any ideas? Thanx, Gerald Gerald Boersma Leading Light Consulting Inc. Vancouver, BC Canada |
|
From: Shachar S. <rsy...@sh...> - 2005-12-09 06:36:37
|
al...@ki... wrote:
>Shachar,
>
>Thanks for this..
>
>I love rsync, however the size of my backups now require me to sync my work to
>a NAS that is accessed by some really dodgy collegues. I needed an app that
>applies encryption and keeps the directory\file structure. rsyncrypto is it..
>
>
Shouldn't the NAS be running rsync too for this exercise to mean
anything? If all you are doing is copy between two local folders,
whether one of them mounted remotely or not, then rsync doesn't apply
any of it's special capabilities. There's nothing wrong with that, but
it does mean that rsyncrypto is probably doing an overkill here.
>Both Redhat and Suse did not come with argtable.
>
>
Yeah, I know.
>post my email I discovered a site that had a simple line:
>"openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem"
>This meant absolutely nothing to me, but I applied it anyway.
>
>
Yeah, I should really put in the planned "Examples" section in the man
page. Would that have helped you?
>then I applied
>"rsyncrypto -r -c -vv tmp it-nas ./keydir ./req.pem"
>and the backup worked..BUT not without the error\notice "gzip: unrecognized
>option `--rsyncable'"
>
>
That's a critical one, and it's an actual error, not a notice. Rsync has
two ways of telling whether a file has changed, and you're only really
using one of them. The one you are using is the comparison of file
timestamps, so that only changed files are synced. This one works
whether both files are mounted locally, or whether it is synching with a
remote machine running rsync as well. The other thing rsync does is to
determine, in a very intelligent way, what changed INSIDE a file.
Rsyncrypto was specifically built so that this second capability is not
lost, even after encryption. Obviously, having a program that compresses
and then encrypts while the encryption keeps changes local is totally
meaningless if the compression does not. That's why rsyncrypto requires
a special version of gzip which was patched to include an option called
"rsyncable". The patch for gzip is available in rsyncrypto's "contrib"
folder. It is planned to get rid of this external dependency, and do the
compression using a library, but that will take a version or two more.
It seems that Suse doesn't have the patched gzip. It was only a couple
of days ago that I learned that Fedora had it, so this is not very
surprising in itself. As you don't require that specific feature of
rsync, there are a couple of things I can suggest to you.
- Either use something other than rsyncrypto for the encryption (as you
do not need rsyncrypto's special encryption mode anyways). or
- Wrap gzip in order to make it work.
Assuming you do want to go with rsyncrypto, here's what I would do. If
you had any use for the rsync friendliness of rsyncrypto, I would have
suggested to you to compile your own gzip. It's not very difficult, but
is really not required for your case. In your case, I would write a
small script that looks like this:
#!/usr/perl/bin
shift;
exec "gzip", @ARGV;
Call it "gzip.pl", and mark it executeable. When you run rsyncrypto
next, just do:
rsyncrypto -r -c -vv --gzip=./gzip.pl tmp it-nas ./keydir ./req.pem
Since you do not require rsync-friendliness, I would also add:
--roll-win=1 --roll-sensitivity=4096
This effectively disables the special rsyncrypto encryption, and leaves
you with standard AES encryption in CBC mode. If you are not using the
special rsync features, there is no reason to carry the risk, small
though it may be.
>Without this I would have given up on the program.
>Someone needs to put a simple example on sourceforge or hundred others are
>going to experience what I have, and will give in.
>
>
Could be. Simply out of interest, did you try "man rsyncrypto"?
>The userguide on sourceforge is useless:
>rsyncrypto <plaintext file> <cyphertext file> <key file> <certificate>
>at the time I thought "what the hell is that ??"
>
>
Quoting from the user guide on sf:
Some of the information in this document is no longer accurate. Please
be sure to read the release notes for version 0.05 before applying the
information presented here to your files.
>Without examples of restoring on the web, I played around with a few commands,
>trying to understand the logic of the syntax
>
>To simulate a recovery I deleted the tmp folder then performed
>i) rsyncrypto -d -r -c -vv tmp it-nas ./keydir ./req.pem
>this did nothing
>ii) rsyncrypto -d -r -c -vv it-nas tmp ./keydir ./req.pem
>"gzip: stdin: not in gzip format
>Decrypting tmp/test.jpg error: gunzip failed to run:"
>
>
The problem here, likely, is that after having failed to encrypt due to
passing an unsupported option to gzip, the file does not hold the right
information, and rsyncrypto can't decrypt it. Try using the workaround
discussed above, and see whether things are better.
>I assume rsyncrypto fully works in debian. I would definately like to see
>this app work in Suse.
>
>
I'm hoping the next version will depend less on strange distro-specific
patches.
>cheers
>Shannon
>
>
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: <al...@ki...> - 2005-12-09 06:01:37
|
Shachar, Thanks for this.. I love rsync, however the size of my backups now require me to sync my work= to=20 a NAS that is accessed by some really dodgy collegues. I needed an app that= =20 applies encryption and keeps the directory\file structure. rsyncrypto is it= =2E. Both Redhat and Suse did not come with argtable. post my email I discovered a site that had a simple line: "openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem" This meant absolutely nothing to me, but I applied it anyway. then I applied "rsyncrypto -r -c -vv tmp it-nas ./keydir ./req.pem" and the backup worked..BUT not without the error\notice "gzip: unrecognized= =20 option `--rsyncable'" Without this I would have given up on the program. Someone needs to put a simple example on sourceforge or hundred others are= =20 going to experience what I have, and will give in. The userguide on sourceforge is useless: rsyncrypto <plaintext file> <cyphertext file> <key file> <certificate> at the time I thought "what the hell is that ??" Without examples of restoring on the web, I played around with a few comman= ds,=20 trying to understand the logic of the syntax To simulate a recovery I deleted the tmp folder then performed i) rsyncrypto -d -r -c -vv tmp it-nas ./keydir ./req.pem this did nothing ii) rsyncrypto -d -r -c -vv it-nas tmp ./keydir ./req.pem "gzip: stdin: not in gzip format Decrypting tmp/test.jpg error: gunzip failed to run:" I'm using gunzip 1.3.5. Have you any suggestions on: 1) gzip: unrecognized option `--rsyncable'" 2) "gzip: stdin: not in gzip format Decrypting tmp/test.jpg error: gunzip failed to run:" I assume rsyncrypto fully works in debian. =C2=A0I would definately like to= see=20 this app work in Suse. cheers Shannon On Wednesday 07 December 2005 16:50, Shachar Shemesh wrote: > al...@ki... wrote: > >I'm receiving this error on both SuSe9.3 and SuSe10. > > > >The following steps were performed on both: > >1) configure/make/make install argtable-2.4.tar > >2) configure/make/make install rsyncrypto-0.16 > > > >if I type rsyncrypto --help: > >*** glibc detected *** double free or corruption (!prev): 0x08059700 *** > >Aborted > > > > > >if I run rsyncrypto <src> <dst> <key> <master key> ....: > >Segmentation fault > > It's a known bug in argtable, when the error buffer is too small (for > example, because you did not provide four mandatory arguments). If you > apply the attached patch to argtable, the problem is solved. As a side > note, I'll mention that this problem does not affect normal operation. > > I should note that there is a fairly known Israeli joke. One kid did not > talk. The kid was already 4, and not a single word. Not "gogo", nothing. > Then, one morning, during breakfast, he looks up and says "Mom, the hot > chocolate isn't hot enough". The suprised mom is all over the place. She > says to him: "Why didn't you talk until now?", to which he says "So far, > everything was ok". > > I have to say that I was not even aware that Suse, Fedora etc. had the > patched gzip capable of running rsyncrypto. As such, they were not > particularily in my testing focus. For Debian, I'm the argtable package > maintiner, and I made sure that the attached patch went into the > official argtable package. It's great to see that people use rsyncrypto, > and that people use it on platforms different than the ones I though > they would. Maybe I should introduce the occasional proble just so I > hear from people `-). > > Shachar |
|
From: Shachar S. <rsy...@sh...> - 2005-12-07 05:50:36
|
al...@ki... wrote:
>I'm receiving this error on both SuSe9.3 and SuSe10.
>
>The following steps were performed on both:
>1) configure/make/make install argtable-2.4.tar
>2) configure/make/make install rsyncrypto-0.16
>
>if I type rsyncrypto --help:
>*** glibc detected *** double free or corruption (!prev): 0x08059700 ***
>Aborted
>
>
>if I run rsyncrypto <src> <dst> <key> <master key> ....:
>Segmentation fault
>
>
It's a known bug in argtable, when the error buffer is too small (for
example, because you did not provide four mandatory arguments). If you
apply the attached patch to argtable, the problem is solved. As a side
note, I'll mention that this problem does not affect normal operation.
I should note that there is a fairly known Israeli joke. One kid did not
talk. The kid was already 4, and not a single word. Not "gogo", nothing.
Then, one morning, during breakfast, he looks up and says "Mom, the hot
chocolate isn't hot enough". The suprised mom is all over the place. She
says to him: "Why didn't you talk until now?", to which he says "So far,
everything was ok".
I have to say that I was not even aware that Suse, Fedora etc. had the
patched gzip capable of running rsyncrypto. As such, they were not
particularily in my testing focus. For Debian, I'm the argtable package
maintiner, and I made sure that the attached patch went into the
official argtable package. It's great to see that people use rsyncrypto,
and that people use it on platforms different than the ones I though
they would. Maybe I should introduce the occasional proble just so I
hear from people `-).
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: <al...@ki...> - 2005-12-07 00:22:44
|
I'm receiving this error on both SuSe9.3 and SuSe10. The following steps were performed on both: 1) configure/make/make install argtable-2.4.tar 2) configure/make/make install rsyncrypto-0.16 if I type rsyncrypto --help: *** glibc detected *** double free or corruption (!prev): 0x08059700 *** Aborted if I run rsyncrypto <src> <dst> <key> <master key> ....: Segmentation fault |
|
From: Edwin S. <po...@Ed...> - 2005-11-30 09:51:38
|
Dear Shachar, I have tries the gzip file on my fedora core 2, but this has the same result. I also tried the same setup, see below, on slackware 10 and this sees to work fine! I'll have a go in upgrading fedora core 2 to fedore core 4 to see if that helps. Setup untill now: ********************* Start My Setup ********************* # Install files needed install argtable 2.4.0 (with /usr/lib as libpath in Makefile after ./configure) install rsyncrypto 0.16 Use gzip 1.3.5 with --rsyncable option # Create key openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem # Backup rsyncrypto -r -vv --trim=3D2 ./source ./dest ./keydir ./req.pem # Restore rsyncrypto -r -d -vv --trim=3D2 ./dest ./restore ./keydir ./req.pem # Directory structure ./dest/ ./keydir/ ./restore/ ./source/ ./req.pem ********************* End My Setup ********************* Regards, Edwin. > Edwin Schouten wrote: > >>Dear Shachar, >> >>Just as extra information, I recompiled rsyncrypto and will send you th= e >>command output of it. I'm using argtable-2.4.0, rsyncrypto 0.16 and gzi= p >>1.3.3. >> >> > Hmm. Debian has 1.3.5. I'm attaching the Debian gzip - can you give it = a > try? > > Shachar > > -- > Shachar Shemesh > Lingnu Open Source Consulting ltd. > Have you backed up today's work? http://www.lingnu.com/backup.html > > |
|
From: Edwin S. <po...@Ed...> - 2005-11-30 07:39:48
|
Dear Shachar, I use Fedora Core 2. I'll also try it on slackware 10, I run somewhere el= se. Regards, Edwin. > Edwin Schouten wrote: > >>Dear Shachar, >> >>Just as extra information, I recompiled rsyncrypto and will send you th= e >>command output of it. I'm using argtable-2.4.0, rsyncrypto 0.16 and gzi= p >>1.3.3. >> >>Regards, >>Edwin. >> >> > I'm going to try and install the version of Fedora you have. Can you > please let me know which it is? > > Thanks, > Shachar > > -- > Shachar Shemesh > Lingnu Open Source Consulting ltd. > Have you backed up today's work? http://www.lingnu.com/backup.html > > |
|
From: Shachar S. <rsy...@sh...> - 2005-11-29 18:33:57
|
Edwin Schouten wrote:
>Dear Shachar,
>
>Just as extra information, I recompiled rsyncrypto and will send you the
>command output of it. I'm using argtable-2.4.0, rsyncrypto 0.16 and gzip
>1.3.3.
>
>Regards,
>Edwin.
>
>
I'm going to try and install the version of Fedora you have. Can you
please let me know which it is?
Thanks,
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Shachar S. <rsy...@sh...> - 2005-11-29 16:41:44
|
Msg was too big to the list. People who are not called "Edwin" had
better just believe me that I did send him Debian's gzip :-).
Shachar
P.s.
Edwin, please include me as CC in message of mine sent to the list that
you answer. Simplest method to do that is to reply to all messages that
arrive from the list with "reply to all".
Thanks,
Shachar
Shachar Shemesh wrote:
>Edwin Schouten wrote:
>
>
>
>>Dear Shachar,
>>
>>Just as extra information, I recompiled rsyncrypto and will send you the
>>command output of it. I'm using argtable-2.4.0, rsyncrypto 0.16 and gzip
>>1.3.3.
>>
>>
>>
>>
>Hmm. Debian has 1.3.5. I'm attaching the Debian gzip - can you give it a
>try?
>
> Shachar
>
>
>
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-29 16:05:48
|
Dear Shachar,
Just as extra information, I recompiled rsyncrypto and will send you the
command output of it. I'm using argtable-2.4.0, rsyncrypto 0.16 and gzip
1.3.3.
Regards,
Edwin.
[root@p3151447 rsyncrypto-0.16]# make clean
test -z "rsyncrypto" || rm -f rsyncrypto
test -z "blocksizes" || rm -f blocksizes
rm -f *.o core *.core
[root@p3151447 rsyncrypto-0.16]# ./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for g++... g++
checking for C++ compiler default output file name... a.out
checking whether the C++ compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C++ compiler... yes
checking whether g++ accepts -g... yes
checking for style of include used by make... GNU
checking dependency style of g++... gcc3
checking for AES_encrypt in -lcrypto... yes
checking for arg_parse in -largtable2... yes
checking whether platform supports lstat... yes
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... 64
checking for _LARGE_FILES value needed for large files... no
checking how to run the C++ preprocessor... g++ -E
checking for egrep... grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking argtable2.h usability... yes
checking argtable2.h presence... yes
checking for argtable2.h... yes
checking ext/hash_map usability... yes
checking ext/hash_map presence... yes
checking for ext/hash_map... yes
checking for O_NOATIME support in open... no
checking whether struct stat has nanosecond resolution... st_mtim is a
struct timespec
checking for gzip with "rsyncable" support... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating config.h
config.status: config.h is unchanged
config.status: executing depfiles commands
[root@p3151447 rsyncrypto-0.16]# make
make all-am
make[1]: Entering directory `/home/edwin/rsyncrypto-0.16'
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT main.o -MD -MP -MF
".deps/main.Tpo" \
-c -o main.o `test -f 'main.cpp' || echo './'`main.cpp; \
then mv -f ".deps/main.Tpo" ".deps/main.Po"; \
else rm -f ".deps/main.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT crypto.o -MD -MP -MF
".deps/crypto.Tpo" \
-c -o crypto.o `test -f 'crypto.cpp' || echo './'`crypto.cpp; \
then mv -f ".deps/crypto.Tpo" ".deps/crypto.Po"; \
else rm -f ".deps/crypto.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT crypt_key.o -MD -MP -MF
".deps/crypt_key.Tpo" \
-c -o crypt_key.o `test -f 'crypt_key.cpp' || echo './'`crypt_key.cpp; =
\
then mv -f ".deps/crypt_key.Tpo" ".deps/crypt_key.Po"; \
else rm -f ".deps/crypt_key.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT aes_crypt.o -MD -MP -MF
".deps/aes_crypt.Tpo" \
-c -o aes_crypt.o `test -f 'aes_crypt.cpp' || echo './'`aes_crypt.cpp; =
\
then mv -f ".deps/aes_crypt.Tpo" ".deps/aes_crypt.Po"; \
else rm -f ".deps/aes_crypt.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT file.o -MD -MP -MF
".deps/file.Tpo" \
-c -o file.o `test -f 'file.cpp' || echo './'`file.cpp; \
then mv -f ".deps/file.Tpo" ".deps/file.Po"; \
else rm -f ".deps/file.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT process.o -MD -MP -MF
".deps/process.Tpo" \
-c -o process.o `test -f 'process.cpp' || echo './'`process.cpp; \
then mv -f ".deps/process.Tpo" ".deps/process.Po"; \
else rm -f ".deps/process.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT redir.o -MD -MP -MF
".deps/redir.Tpo" \
-c -o redir.o `test -f 'redir.cpp' || echo './'`redir.cpp; \
then mv -f ".deps/redir.Tpo" ".deps/redir.Po"; \
else rm -f ".deps/redir.Tpo"; exit 1; \
fi
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT filemap.o -MD -MP -MF
".deps/filemap.Tpo" \
-c -o filemap.o `test -f 'filemap.cpp' || echo './'`filemap.cpp; \
then mv -f ".deps/filemap.Tpo" ".deps/filemap.Po"; \
else rm -f ".deps/filemap.Tpo"; exit 1; \
fi
g++ -g -O2 -o rsyncrypto main.o crypto.o crypt_key.o aes_crypt.o
file.o process.o redir.o filemap.o -largtable2 -lcrypto
if g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -MT blocksizes.o -MD -MP -M=
F
".deps/blocksizes.Tpo" \
-c -o blocksizes.o `test -f 'blocksizes.cpp' || echo './'`blocksizes.cp=
p; \
then mv -f ".deps/blocksizes.Tpo" ".deps/blocksizes.Po"; \
else rm -f ".deps/blocksizes.Tpo"; exit 1; \
fi
g++ -g -O2 -o blocksizes crypt_key.o aes_crypt.o blocksizes.o=20
-largtable2 -lcrypto
make[1]: Leaving directory `/home/edwin/rsyncrypto-0.16'
[root@p3151447 rsyncrypto-0.16]# make check
[root@p3151447 rsyncrypto-0.16]# make install
make[1]: Entering directory `/home/edwin/rsyncrypto-0.16'
/bin/sh ./mkinstalldirs /usr/local/bin
/usr/bin/install -c rsyncrypto /usr/local/bin/rsyncrypto
/bin/sh ./mkinstalldirs /usr/local/man/man1
/usr/bin/install -c -m 644 ./rsyncrypto.man /usr/local/man/man1/rsyncryp=
to.1
make[1]: Leaving directory `/home/edwin/rsyncrypto-0.16'
[root@p3151447 rsyncrypto-0.16]#
------------------------- Oorspronkelijk bericht ------------------------=
-
Onderwerp: Re: [Fwd: Re: Rsyncrypto errors during restore.]
Van: "Shachar Shemesh" <rsy...@sh...>
Datum: Di, 29 november, 2005 16:17
Aan: "Edwin Schouten" <po...@Ed...>
CC: rsy...@li...
-------------------------------------------------------------------------=
-
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I have tested the nullgzip, but it gave weird results restoring files.
>This does not solve the previously reported errors, so I will stop
>investigate further with the nullgzip file.
>
>Again, as the previous e-mail decribes, it restores not all file and no
>directories. Small files (text) seem to restore OK, but larger ones are
>restored partially. I have attached an example of the COPYING file with
>all used keys and the output of the command prompt.
>
>Regards,
>Edwin.
>
>
I'm attaching an encrypted "COPYING" file, encrypted using the symmetric
and public key you sent in the previous message. Can you please let me
know whether the command "rsyncrypto -d enc/COPYING dec/COPYING
key/COPYING req.pem", where enc/COPYING is the file attached, completes
without error?
There is definitely something wrong with the encryption performed by
your rsyncrypto. Now I'm trying to figure out whether at least the
decryption works correctly.
Thanks,
Shachar
--=20
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-29 15:56:28
|
Dear Shachar,
This seems to work! No output what so ever, although the -vvv option, but
the md5sum is the same. So your encrypted file does decrypt fine on my
machine. Does this give you a clue?
[root@p3151447 backup]# rsyncrypto -d -vvv ./dest/COPYING
./restore/COPYING ./keydir/COPYING ./req.pem
[root@p3151447 backup]# md5sum ./source/COPYING
e4284bde1d71dc4d1d5ad241b827fa98 ./source/COPYING
[root@p3151447 backup]# md5sum ./dest/COPYING
1a4a5a41708a95dd22ee123d807fe4b7 ./dest/COPYING
[root@p3151447 backup]# md5sum ./restore/COPYING
e4284bde1d71dc4d1d5ad241b827fa98 ./restore/COPYING
[root@p3151447 backup]#
Regards,
Edwin.
------------------------- Oorspronkelijk bericht ------------------------=
-
Onderwerp: Re: [Fwd: Re: Rsyncrypto errors during restore.]
Van: "Shachar Shemesh" <rsy...@sh...>
Datum: Di, 29 november, 2005 16:17
Aan: "Edwin Schouten" <po...@Ed...>
CC: rsy...@li...
-------------------------------------------------------------------------=
-
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I have tested the nullgzip, but it gave weird results restoring files.
>This does not solve the previously reported errors, so I will stop
>investigate further with the nullgzip file.
>
>Again, as the previous e-mail decribes, it restores not all file and no
>directories. Small files (text) seem to restore OK, but larger ones are
>restored partially. I have attached an example of the COPYING file with
>all used keys and the output of the command prompt.
>
>Regards,
>Edwin.
>
>
I'm attaching an encrypted "COPYING" file, encrypted using the symmetric
and public key you sent in the previous message. Can you please let me
know whether the command "rsyncrypto -d enc/COPYING dec/COPYING
key/COPYING req.pem", where enc/COPYING is the file attached, completes
without error?
There is definitely something wrong with the encryption performed by
your rsyncrypto. Now I'm trying to figure out whether at least the
decryption works correctly.
Thanks,
Shachar
--=20
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Shachar S. <rsy...@sh...> - 2005-11-29 15:18:11
|
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I have tested the nullgzip, but it gave weird results restoring files.
>This does not solve the previously reported errors, so I will stop
>investigate further with the nullgzip file.
>
>Again, as the previous e-mail decribes, it restores not all file and no
>directories. Small files (text) seem to restore OK, but larger ones are
>restored partially. I have attached an example of the COPYING file with
>all used keys and the output of the command prompt.
>
>Regards,
>Edwin.
>
>
I'm attaching an encrypted "COPYING" file, encrypted using the symmetric
and public key you sent in the previous message. Can you please let me
know whether the command "rsyncrypto -d enc/COPYING dec/COPYING
key/COPYING req.pem", where enc/COPYING is the file attached, completes
without error?
There is definitely something wrong with the encryption performed by
your rsyncrypto. Now I'm trying to figure out whether at least the
decryption works correctly.
Thanks,
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-29 13:50:28
|
Dear rsy...@li..., I have tested the nullgzip, but it gave weird results restoring files. This does not solve the previously reported errors, so I will stop investigate further with the nullgzip file. Again, as the previous e-mail decribes, it restores not all file and no directories. Small files (text) seem to restore OK, but larger ones are restored partially. I have attached an example of the COPYING file with all used keys and the output of the command prompt. Regards, Edwin. > Edwin Schouten wrote: > >>Dear rsy...@li..., >> >>I just remember that I found a remark in the manpage about a gzip-file >>that does not zip, but parses it to cat. "The tests directory of >>rsyncrypto=C3=A2s source has a file called "gzip", that does NULL >>compression by redirecting the input and output to cat(1)." I'm unable = to >>find the gzip-file or a tests directory. Where can I find the file or >> what >>is the content of the file so I can test encrypting/decrypting without >>gzip. >> >>Regards, >>Edwin. >> >> > The tests folder contained several largish binary files that slowed > working with CVS to a crawl. I had to split them out into a seperate > project. Unfortunately, this project has not, yet, released any officia= l > pacakge. You can either check it out using cvs, or access it online (it > also contains test quartets to test decryption against, so checking it > out from CVS, if you feel up to it, would be greatly appreciated). > > In particular, you can find the online CVS view at > http://cvs.sourceforge.net/viewcvs.py/rsyncrypto/tests/, and you can > download the actual null-gzip file at > http://cvs.sourceforge.net/viewcvs.py/*checkout*/rsyncrypto/tests/nullg= zip. > Just mark the file as executeable (it's a bash script) and give it to > the "--gzip" option of rsyncrypto. > > Thanks, > > Shachar > > -- > Shachar Shemesh > Lingnu Open Source Consulting ltd. > Have you backed up today's work? http://www.lingnu.com/backup.html > > |
|
From: Shachar S. <rsy...@sh...> - 2005-11-29 10:09:38
|
Edwin Schouten wrote: >Dear rsy...@li..., > >I just remember that I found a remark in the manpage about a gzip-file >that does not zip, but parses it to cat. "The tests directory of >rsyncryptoâs source has a file called "gzip", that does NULL >compression by redirecting the input and output to cat(1)." I'm unable to >find the gzip-file or a tests directory. Where can I find the file or what >is the content of the file so I can test encrypting/decrypting without >gzip. > >Regards, >Edwin. > > The tests folder contained several largish binary files that slowed working with CVS to a crawl. I had to split them out into a seperate project. Unfortunately, this project has not, yet, released any official pacakge. You can either check it out using cvs, or access it online (it also contains test quartets to test decryption against, so checking it out from CVS, if you feel up to it, would be greatly appreciated). In particular, you can find the online CVS view at http://cvs.sourceforge.net/viewcvs.py/rsyncrypto/tests/, and you can download the actual null-gzip file at http://cvs.sourceforge.net/viewcvs.py/*checkout*/rsyncrypto/tests/nullgzip. Just mark the file as executeable (it's a bash script) and give it to the "--gzip" option of rsyncrypto. Thanks, Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html |
|
From: Edwin S. <po...@Ed...> - 2005-11-29 09:50:53
|
Dear rsy...@li...,
I just remember that I found a remark in the manpage about a gzip-file
that does not zip, but parses it to cat. "The tests directory of=20
rsyncrypto=E2s source has a file called "gzip", that does NULL
compression by redirecting the input and output to cat(1)." I'm unable to
find the gzip-file or a tests directory. Where can I find the file or wha=
t
is the content of the file so I can test encrypting/decrypting without
gzip.
Regards,
Edwin.
------------------------- Oorspronkelijk bericht ------------------------=
-
Onderwerp: Re: Rsyncrypto errors during restore.
Van: "Shachar Shemesh" <rsy...@sh...>
Datum: Ma, 28 november, 2005 21:58
Aan: "Edwin Schouten" <po...@Ed...>
CC: rsy...@li...
-------------------------------------------------------------------------=
-
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I'm still strubling with the rsyncrypto utility, maybe a debian/fedora
>difference...
>
>
Actually, this might actually be the problem. Debian's gzip supports a
flag called "rsyncable". rsyncrypto relies heavily on this feature. If
you want to use rsyncrypto on a system that does not provide this flag,
you will need to supply the proper gzip yourself.
During compilation of rsyncrypto (I'm assuming you compiled it youself),
did configure complain that gzip did not have "rsyncable"? Hmm, looking
throught the internet seems to suggest that Fedora DOES carry an
"Rsyncable" supporting gzip. Can you please forward me an encryption
quartret (plain, encrypted, key and public key) of a file that shows
"Error in encrypted stream (trailer)" while decrypting
(say,aes_crypt.h)? It would be very helpful to me.
Thanks,
Shachar
--=20
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-29 09:00:25
|
Dear rsy...@li...,
I did compile rsyncrypto myself and found the following in the config.log=
:
configure:3954: checking for gzip with "rsyncable" support
configure:3958: result: yes
configure:4086: creating ./config.status
Encrypting looks fine, it also compresses as yo can see in the attached
quartret.tgz README file. Hope you can find anything in the files to get =
a
lead of the problem.
Regards,
Edwin.
------------------------- Oorspronkelijk bericht ------------------------=
-
Onderwerp: Re: Rsyncrypto errors during restore.
Van: "Shachar Shemesh" <rsy...@sh...>
Datum: Ma, 28 november, 2005 21:58
Aan: "Edwin Schouten" <po...@Ed...>
CC: rsy...@li...
-------------------------------------------------------------------------=
-
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I'm still strubling with the rsyncrypto utility, maybe a debian/fedora
>difference...
>
>
Actually, this might actually be the problem. Debian's gzip supports a
flag called "rsyncable". rsyncrypto relies heavily on this feature. If
you want to use rsyncrypto on a system that does not provide this flag,
you will need to supply the proper gzip yourself.
During compilation of rsyncrypto (I'm assuming you compiled it youself),
did configure complain that gzip did not have "rsyncable"? Hmm, looking
throught the internet seems to suggest that Fedora DOES carry an
"Rsyncable" supporting gzip. Can you please forward me an encryption
quartret (plain, encrypted, key and public key) of a file that shows
"Error in encrypted stream (trailer)" while decrypting
(say,aes_crypt.h)? It would be very helpful to me.
Thanks,
Shachar
--=20
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Shachar S. <rsy...@sh...> - 2005-11-28 20:58:53
|
Edwin Schouten wrote:
>Dear rsy...@li...,
>
>I'm still strubling with the rsyncrypto utility, maybe a debian/fedora
>difference...
>
>
Actually, this might actually be the problem. Debian's gzip supports a
flag called "rsyncable". rsyncrypto relies heavily on this feature. If
you want to use rsyncrypto on a system that does not provide this flag,
you will need to supply the proper gzip yourself.
During compilation of rsyncrypto (I'm assuming you compiled it youself),
did configure complain that gzip did not have "rsyncable"? Hmm, looking
throught the internet seems to suggest that Fedora DOES carry an
"Rsyncable" supporting gzip. Can you please forward me an encryption
quartret (plain, encrypted, key and public key) of a file that shows
"Error in encrypted stream (trailer)" while decrypting
(say,aes_crypt.h)? It would be very helpful to me.
Thanks,
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-28 16:17:06
|
Dear rsy...@li..., I'm still strubling with the rsyncrypto utility, maybe a debian/fedora difference... This is how far I have come today, encrypting works :) # Create x509 private key: openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem # Encrypt source directory to dest directory, save keys in keydir using req.pem as private key: rsyncrypto -r -v /var/backup/source/ /var/backup/dest /var/backup/keydir /root/req.pem Now to difficult part, decrypting. I seem to get errors, but not for all to decrypt files. I also get errors for files that have been restored jus= t fine... I use the following command: rsyncrypto -r -d -v /var/backup/dest /var/backup/restore /var/backup/keydir /root/req.pem Below my command output for the routine encrypt and decrypt. After this I ls the restore directory to see that not all files have been restored. During decrypting I see that README has errors, but doing an md5sum it looks OK... Any ideas? Regards, Edwin Schouten. [root@p3151447 root]# rsyncrypto -r -vvv --trim=3D3 --delete /var/backup/source /var/backup/dest/ /var/backup/keydir /root/req.pem Encrypting /var/backup/source/autommap.h Encrypting /var/backup/source/redir.h Encrypting /var/backup/source/NEWS Encrypting /var/backup/source/README Encrypting /var/backup/source/aes_crypt.h Encrypting /var/backup/source/file.cpp Encrypting /var/backup/source/stamp-h1 Encrypting /var/backup/source/blocksizes.cpp Encrypting /var/backup/source/config.h Encrypting /var/backup/source/configure.ac Encrypting /var/backup/source/main.o Rotated 13751 Rotated 23384 Rotated 16151 Rotated 14609 Rotated 11105 Rotated 11600 Encrypting /var/backup/source/filemap.o Rotated 11718 Rotated 19219 Rotated 15520 Rotated 14237 Rotated 14330 Rotated 37885 Rotated 8369 Encrypting /var/backup/source/config.guess Encrypting /var/backup/source/backup.key Encrypting /var/backup/source/crypt_key.cpp Encrypting /var/backup/source/process.o Rotated 13595 Rotated 10148 Rotated 12477 Rotated 16267 Rotated 11727 Rotated 14396 Encrypting /var/backup/source/main.cpp Encrypting /var/backup/source/Makefile.in Encrypting /var/backup/source/.deps/main.Po Encrypting /var/backup/source/.deps/aes_crypt.Po Encrypting /var/backup/source/.deps/blocksizes.Po Encrypting /var/backup/source/.deps/process.Po Encrypting /var/backup/source/.deps/filemap.Po Encrypting /var/backup/source/.deps/crypto.Po Encrypting /var/backup/source/.deps/crypt_key.Po Encrypting /var/backup/source/.deps/file.Po Encrypting /var/backup/source/.deps/redir.Po Encrypting /var/backup/source/aes_crypt.o Rotated 11518 Rotated 13106 Rotated 10484 Rotated 10102 Rotated 13420 Rotated 16292 Encrypting /var/backup/source/rsyncrypto.man Encrypting /var/backup/source/mkinstalldirs Encrypting /var/backup/source/crypt_key.h Encrypting /var/backup/source/config.h.in Encrypting /var/backup/source/rsyncrypto.h Encrypting /var/backup/source/COPYING Encrypting /var/backup/source/rsyncrypto.mak Encrypting /var/backup/source/INSTALL Encrypting /var/backup/source/redir.o Rotated 12024 Rotated 9231 Rotated 12036 Rotated 13311 Rotated 16153 Rotated 11964 Encrypting /var/backup/source/install-sh Encrypting /var/backup/source/blocksizes.o Rotated 10245 Rotated 8381 Rotated 8655 Rotated 8548 Rotated 17706 Rotated 15609 Encrypting /var/backup/source/file.h Encrypting /var/backup/source/config.log Encrypting /var/backup/source/file.o Rotated 10766 Rotated 12152 Rotated 27136 Rotated 10300 Rotated 26582 Rotated 23576 Encrypting /var/backup/source/rsyncrypto.dsw Encrypting /var/backup/source/contrib/gzip-rsyncable.diff Encrypting /var/backup/source/crypt_key.o Rotated 20260 Rotated 8631 Rotated 13979 Rotated 32170 Encrypting /var/backup/source/depcomp Encrypting /var/backup/source/stamp-h.in Encrypting /var/backup/source/filemap.h Encrypting /var/backup/source/aclocal.m4 Encrypting /var/backup/source/config.sub Encrypting /var/backup/source/Makefile Encrypting /var/backup/source/crypto.o Rotated 17018 Rotated 31272 Rotated 14379 Rotated 12409 Rotated 11278 Encrypting /var/backup/source/redir.cpp Encrypting /var/backup/source/Makefile.am Encrypting /var/backup/source/filemap.cpp Encrypting /var/backup/source/process.h Encrypting /var/backup/source/crypto.cpp Encrypting /var/backup/source/.cvsignore Encrypting /var/backup/source/ChangeLog Encrypting /var/backup/source/autodir.h Encrypting /var/backup/source/autoarray.h Encrypting /var/backup/source/blocksizes Rotated 11360 Rotated 17067 Rotated 13173 Rotated 17786 Rotated 31634 Rotated 24225 Rotated 24256 Rotated 8624 Encrypting /var/backup/source/crypto.h Encrypting /var/backup/source/rsyncrypto Rotated 8690 Rotated 9032 Rotated 37687 Rotated 25920 Rotated 8976 Rotated 15333 Rotated 10147 Rotated 13898 Rotated 12574 Rotated 22469 Rotated 16241 Rotated 10659 Rotated 8439 Rotated 13443 Rotated 10564 Rotated 38189 Rotated 17032 Rotated 37981 Rotated 13537 Rotated 17739 Rotated 8225 Rotated 14752 Rotated 43157 Rotated 13923 Rotated 11856 Rotated 17053 Rotated 18225 Rotated 16040 Encrypting /var/backup/source/autofd.h Encrypting /var/backup/source/autom4te.cache/requests Encrypting /var/backup/source/autom4te.cache/output.0 Rotated 14003 Rotated 19199 Encrypting /var/backup/source/autom4te.cache/traces.0 Encrypting /var/backup/source/backup.nopass.key Encrypting /var/backup/source/docs/filelist.txt Encrypting /var/backup/source/docs/.cvsignore Encrypting /var/backup/source/autopipe.h Encrypting /var/backup/source/random.h Encrypting /var/backup/source/aes_crypt.cpp Encrypting /var/backup/source/process.cpp Encrypting /var/backup/source/missing Encrypting /var/backup/source/AUTHORS Encrypting /var/backup/source/config.status Encrypting /var/backup/source/rsyncrypto.dsp Encrypting /var/backup/source/configure Rotated 9287 Encrypting /var/backup/source/win32/resource.h Encrypting /var/backup/source/win32/autommap.h Encrypting /var/backup/source/win32/rsyncrypto.rc Encrypting /var/backup/source/win32/win32glue.cpp Encrypting /var/backup/source/win32/win32redir.h Encrypting /var/backup/source/win32/types.h Encrypting /var/backup/source/win32/nullgzip.cpp Encrypting /var/backup/source/win32/redir.cpp Encrypting /var/backup/source/win32/nullgzip.mak Encrypting /var/backup/source/win32/autohandle.h Encrypting /var/backup/source/win32/process.h Encrypting /var/backup/source/win32/nullgzip.dsp Encrypting /var/backup/source/win32/.cvsignore Encrypting /var/backup/source/win32/autodir.h Encrypting /var/backup/source/win32/stdafx.cpp Encrypting /var/backup/source/win32/autofd.h Encrypting /var/backup/source/win32/autopipe.h Encrypting /var/backup/source/win32/process.cpp [root@p3151447 root]# ll dest/ total 1884 -rw-r--r-- 1 root root 8980 Nov 28 17:02 aclocal.m4 -rw-r--r-- 1 root root 900 Nov 28 17:02 aes_crypt.cpp -rw-r--r-- 1 root root 756 Nov 28 17:02 aes_crypt.h -rw-r--r-- 1 root root 84756 Nov 28 17:02 aes_crypt.o -rw-r--r-- 1 root root 356 Nov 28 17:02 AUTHORS -rw-r--r-- 1 root root 1844 Nov 28 17:02 autoarray.h -rw-r--r-- 1 root root 612 Nov 28 17:02 autodir.h -rw-r--r-- 1 root root 2180 Nov 28 17:02 autofd.h drwxr-xr-x 2 root root 4096 Nov 28 17:03 autom4te.cache -rw-r--r-- 1 root root 1300 Nov 28 17:02 autommap.h -rw-r--r-- 1 root root 660 Nov 28 17:02 autopipe.h -rw-r--r-- 1 root root 628 Nov 28 17:02 backup.key -rw-r--r-- 1 root root 564 Nov 28 17:02 backup.nopass.key -rw-r--r-- 1 root root 177524 Nov 28 17:02 blocksizes -rw-r--r-- 1 root root 1380 Nov 28 17:02 blocksizes.cpp -rw-r--r-- 1 root root 82964 Nov 28 17:02 blocksizes.o -rw-r--r-- 1 root root 1796 Nov 28 17:02 ChangeLog -rw-r--r-- 1 root root 13556 Nov 28 17:02 config.guess -rw-r--r-- 1 root root 916 Nov 28 17:02 config.h -rw-r--r-- 1 root root 852 Nov 28 17:02 config.h.in -rw-r--r-- 1 root root 4676 Nov 28 17:02 config.log -rw-r--r-- 1 root root 10196 Nov 28 17:02 config.status -rw-r--r-- 1 root root 9652 Nov 28 17:02 config.sub -rw-r--r-- 1 root root 36372 Nov 28 17:02 configure -rw-r--r-- 1 root root 1604 Nov 28 17:02 configure.ac drwxr-xr-x 2 root root 4096 Nov 28 17:03 contrib -rw-r--r-- 1 root root 7780 Nov 28 17:02 COPYING -rw-r--r-- 1 root root 1092 Nov 28 17:02 crypt_key.cpp -rw-r--r-- 1 root root 1124 Nov 28 17:02 crypt_key.h -rw-r--r-- 1 root root 84372 Nov 28 17:02 crypt_key.o -rw-r--r-- 1 root root 3860 Nov 28 17:02 crypto.cpp -rw-r--r-- 1 root root 1252 Nov 28 17:02 crypto.h -rw-r--r-- 1 root root 98548 Nov 28 17:02 crypto.o -rw-r--r-- 1 root root 4836 Nov 28 17:02 depcomp drwxr-xr-x 2 root root 4096 Nov 28 17:03 docs -rw-r--r-- 1 root root 4100 Nov 28 17:02 file.cpp -rw-r--r-- 1 root root 500 Nov 28 17:02 file.h -rw-r--r-- 1 root root 4036 Nov 28 17:02 filemap.cpp -rw-r--r-- 1 root root 756 Nov 28 17:02 filemap.h -rw-r--r-- 1 root root 129380 Nov 28 17:02 filemap.o -rw-r--r-- 1 root root 111492 Nov 28 17:02 file.o -rw-r--r-- 1 root root 3236 Nov 28 17:02 INSTALL -rw-r--r-- 1 root root 3188 Nov 28 17:02 install-sh -rw-r--r-- 1 root root 2228 Nov 28 17:02 main.cpp -rw-r--r-- 1 root root 92628 Nov 28 17:02 main.o -rw-r--r-- 1 root root 5428 Nov 28 17:02 Makefile -rw-r--r-- 1 root root 308 Nov 28 17:02 Makefile.am -rw-r--r-- 1 root root 5508 Nov 28 17:02 Makefile.in -rw-r--r-- 1 root root 3236 Nov 28 17:02 missing -rw-r--r-- 1 root root 948 Nov 28 17:02 mkinstalldirs -rw-r--r-- 1 root root 500 Nov 28 17:02 NEWS -rw-r--r-- 1 root root 1444 Nov 28 17:02 process.cpp -rw-r--r-- 1 root root 404 Nov 28 17:02 process.h -rw-r--r-- 1 root root 80484 Nov 28 17:02 process.o -rw-r--r-- 1 root root 404 Nov 28 17:02 random.h -rw-r--r-- 1 root root 644 Nov 28 17:02 README -rw-r--r-- 1 root root 1220 Nov 28 17:02 redir.cpp -rw-r--r-- 1 root root 612 Nov 28 17:02 redir.h -rw-r--r-- 1 root root 81652 Nov 28 17:02 redir.o -rw-r--r-- 1 root root 505108 Nov 28 17:02 rsyncrypto -rw-r--r-- 1 root root 1556 Nov 28 17:02 rsyncrypto.dsp -rw-r--r-- 1 root root 436 Nov 28 17:02 rsyncrypto.dsw -rw-r--r-- 1 root root 2484 Nov 28 17:02 rsyncrypto.h -rw-r--r-- 1 root root 1876 Nov 28 17:02 rsyncrypto.mak -rw-r--r-- 1 root root 4436 Nov 28 17:02 rsyncrypto.man -rw-r--r-- 1 root root 196 Nov 28 17:02 stamp-h1 -rw-r--r-- 1 root root 180 Nov 28 17:02 stamp-h.in drwxr-xr-x 2 root root 4096 Nov 28 17:03 win32 [root@p3151447 root]# rsyncrypto -r -d -vvv --trim=3D3 /var/backup/dest/ /var/backup/restore/ /var/backup/keydir /root/req.pem Decrypting /var/backup/dest/autommap.h Decrypting /var/backup/restore/autommap.h error: Error in encrypted strea= m (trailer): Decrypting /var/backup/dest/redir.h Decrypting /var/backup/restore/redir.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/NEWS Decrypting /var/backup/restore/NEWS error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/README Decrypting /var/backup/restore/README error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/aes_crypt.h gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file Decrypting /var/backup/restore/aes_crypt.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/file.cpp Decrypting /var/backup/restore/file.cpp error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/stamp-h1 Decrypting /var/backup/restore/stamp-h1 error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/blocksizes.cpp Decrypting /var/backup/restore/blocksizes.cpp error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/config.h Decrypting /var/backup/restore/config.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/ gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file configure.ac Decrypting /var/backup/restore/configure.ac error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/main.o gzip: stdin: unexpected end of file Rotated 42077 Decrypting /var/backup/restore/main.o error: Error in encrypted stream: Decrypting /var/backup/dest/filemap.o gzip: stdin: unexpected end of file Rotated 46480 Rotated 15263 Decrypting /var/backup/restore/filemap.o error: Error in encrypted stream= : Decrypting /var/backup/dest/config.guess gzip: stdin: unexpected end of file Decrypting /var/backup/restore/config.guess error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/backup.key Decrypting /var/backup/restore/backup.key error: Error in encrypted strea= m (trailer): Decrypting /var/backup/dest/crypt_key.cpp Decrypting /var/backup/restore/crypt_key.cpp error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/process.o gzip: gzip: stdin: unexpected end of file stdin: unexpected end of file gzip: stdin: unexpected end of file Rotated 14363 Decrypting /var/backup/restore/process.o error: Error in encrypted stream= : Decrypting /var/backup/dest/main.cpp gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file Decrypting /var/backup/restore/main.cpp error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/Makefile.in Decrypting /var/backup/restore/Makefile.in error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/main.Po Decrypting /var/backup/restore/.deps/main.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/aes_crypt.Po Decrypting /var/backup/restore/.deps/aes_crypt.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/blocksizes.Po Decrypting /var/backup/restore/.deps/blocksizes.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/process.Po gzip: stdin: unexpected end of file gzip: gzip: gzip: stdin: unexpected end of file stdin: unexpected end of file stdin: unexpected end of file Decrypting /var/backup/restore/.deps/process.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/filemap.Po Decrypting /var/backup/restore/.deps/filemap.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/crypto.Po Decrypting /var/backup/restore/.deps/crypto.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/crypt_key.Po Decrypting /var/backup/restore/.deps/crypt_key.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/file.Po Decrypting /var/backup/restore/.deps/file.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/.deps/redir.Po Decrypting /var/backup/restore/.deps/redir.Po error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/aes_crypt.o gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file Decrypting /var/backup/restore/aes_crypt.o error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/rsyncrypto.man gzip: stdin: unexpected end of file Decrypting /var/backup/restore/rsyncrypto.man error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/mkinstalldirs Decrypting /var/backup/restore/mkinstalldirs error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/crypt_key.h Decrypting /var/backup/restore/crypt_key.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/config.h.in Decrypting /var/backup/restore/config.h.in error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/rsyncrypto.h gzip: stdin: unexpected end of file gzip: gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file stdin: unexpected end of file Decrypting /var/backup/restore/rsyncrypto.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/COPYING Decrypting /var/backup/restore/COPYING error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/rsyncrypto.mak Decrypting /var/backup/restore/rsyncrypto.mak error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/INSTALL Decrypting /var/backup/restore/INSTALL error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/redir.o gzip: gzip: stdin: unexpected end of file stdin: unexpected end of file gzip: stdin: unexpected end of file Rotated 16760 Decrypting /var/backup/restore/redir.o error: Error in encrypted stream: Decrypting /var/backup/dest/install-sh gzip: stdin: unexpected end of file gzip: stdin: unexpected end of file Decrypting /var/backup/restore/install-sh error: Error in encrypted strea= m (trailer): Decrypting /var/backup/dest/blocksizes.o gzip: stdin: unexpected end of file Rotated 22332 Decrypting /var/backup/restore/blocksizes.o error: Error in encrypted str= eam: Decrypting /var/backup/dest/file.h Decrypting /var/backup/restore/file.h error: Error in encrypted stream (trailer): Decrypting /var/backup/dest/config.log gzip: gzip: stdin: unexpected end of file stdin: unexpected end of file Decrypting /var/backup/restore/config.log error: Error in encrypted strea= m (trailer): Decrypting /var/backup/dest/file.o gzip: stdin: unexpected end of file Rotated 50064 gzip: stdin: invalid compressed data--format violated Broken pipe [root@p3151447 root]# ll restore/ total 868 -rw-r--r-- 1 root root 1508 Nov 28 17:04 aes_crypt.h -rw-r--r-- 1 root root 233475 Nov 28 17:04 aes_crypt.o -rw-r--r-- 1 root root 2640 Nov 28 17:04 autommap.h -rw-r--r-- 1 root root 0 Nov 28 17:04 backup.key -rw-r--r-- 1 root root 0 Nov 28 17:04 blocksizes.cpp -rw-r--r-- 1 root root 37587 Nov 28 17:04 blocksizes.o -rw-r--r-- 1 root root 41853 Nov 28 17:04 config.guess -rw-r--r-- 1 root root 2544 Nov 28 17:04 config.h -rw-r--r-- 1 root root 0 Nov 28 17:04 config.h.in -rw-r--r-- 1 root root 21644 Nov 28 17:04 config.log -rw-r--r-- 1 root root 0 Nov 28 17:04 configure.ac -rw-r--r-- 1 root root 4099 Nov 28 17:04 COPYING -rw-r--r-- 1 root root 2787 Nov 28 17:04 crypt_key.cpp -rw-r--r-- 1 root root 0 Nov 28 17:04 crypt_key.h -rw-r--r-- 1 root root 13115 Nov 28 17:04 file.cpp -rw-r--r-- 1 root root 0 Nov 28 17:04 file.h -rw-r--r-- 1 root root 131072 Nov 28 17:04 filemap.o -rw-r--r-- 1 root root 131072 Nov 28 17:04 file.o -rw-r--r-- 1 root root 7831 Nov 28 17:04 INSTALL -rw-r--r-- 1 root root 7122 Nov 28 17:04 install-sh -rw-r--r-- 1 root root 5411 Nov 28 17:04 main.cpp -rw-r--r-- 1 root root 83973 Nov 28 17:04 main.o -rw-r--r-- 1 root root 19549 Nov 28 17:04 Makefile.in -rw-r--r-- 1 root root 0 Nov 28 17:04 mkinstalldirs -rw-r--r-- 1 root root 579 Nov 28 17:04 NEWS -rw-r--r-- 1 root root 27236 Nov 28 17:04 process.o -rw-r--r-- 1 root root 829 Nov 28 17:04 README -rw-r--r-- 1 root root 1533 Nov 28 17:04 redir.h -rw-r--r-- 1 root root 26551 Nov 28 17:04 redir.o -rw-r--r-- 1 root root 6239 Nov 28 17:04 rsyncrypto.h -rw-r--r-- 1 root root 10032 Nov 28 17:04 rsyncrypto.mak -rw-r--r-- 1 root root 0 Nov 28 17:04 rsyncrypto.man -rw-r--r-- 1 root root 0 Nov 28 17:04 stamp-h1 [root@p3151447 backup]# md5sum source/README 8b6361d63172bc752d7299057f6ee39b source/README [root@p3151447 backup]# md5sum restore/README 8b6361d63172bc752d7299057f6ee39b restore/README |
|
From: Shachar S. <sh...@li...> - 2005-11-26 21:28:18
|
Hi all, If anyone on this list knows enough HTML and CSS to help me bring the new rsyncrypto site into shape, it would be great. I've set up joomla on http://rsyncrypto.sourceforge.net, but it currently has only the default joomla template. While not that bad, it's not that good either :-). If anyone here has the knowhow and the time, a joomla compatible HTML and CSS template would be greatly appreciated. I intend to use the site for better documentation, support etc. I'll also gladly give change access to anyone who would show initiative and willing. Thanks, Shachar -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html |
|
From: Shachar S. <sh...@li...> - 2005-11-26 09:41:31
|
Edwin Schouten wrote:
>When using rsyncrypto with these keys I get the folllowing error:
>[user@system]# rsyncrypto /home/user/ /var/backup/ /root /root/backup.crt
>mmap failed: No such device
>
>
A. You are giving directory names for source and destination. Please man
the "-r" option for how that should be done.
B. Your "keys" dir seems unlikely.
>Help please :)
>
>
>
Hope this does.
Shachar
--
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html
|
|
From: Edwin S. <po...@Ed...> - 2005-11-26 07:30:28
|
Dear rsy...@li..., I love the idea behind this funcionality. I just have some difficulties i= n setting it up. I use Fedora core 2 and ran into the following problems: -> Fedora needs archtable2. I downloaded the .tgz and compiled/installed = it. -> Shared library not found: export LD_LIBRARY_PATH=3D"/usr/local/lib" After this I'm able to compile and install rsyncrypto. Now the hard part...getting it to work. With the limited documentation I got this far: -> Create keys openssl genrsa -passout pass:<password> -aes256 -out backup.key -> Remove password from key openssl rsa -passin pass:<password> -in backup.key -out $CERT_NAME.nopass= .key -> Create certificate (public key) openssl req -new -key backup.nopass.key -x509 -out backup.crt When using rsyncrypto with these keys I get the folllowing error: [user@system]# rsyncrypto /home/user/ /var/backup/ /root /root/backup.crt mmap failed: No such device Help please :) Regards, Edwin Schouten. |
|
From: Shachar S. <rsy...@sh...> - 2005-11-08 15:19:56
|
Saul Hazledine wrote: > Hello Shachar, > Competition is good and hopefully we can encourage each other to > improve. I'm doing a course at University at the moment and am finding > that I don't have much time to spend on murk. However, I did have a > look at rsyncrypto when you first released it and have noticed the > following: > > 1) You're using C++ and that will make development quicker for you. > I'm currently stuck on a problem (building a pipeline which would > allow different types of compression and encryption) which would be > solved in C++ but is hard going in C. Your program also works on > Windows which is a bonus as murk is Unix only. While the infrastructure supports that, I have no plans of supporting any ciphers besides AES unless something bad happens to it. > 2) I don't know if you've considered it (I had to be told by various > people) but each time the encryption resets there are a few security > issues with what we are both doing: That and more. I'll send you my own cryptanalysis of rsyncrypto as soon as I find it... > i) The compression leaves a known header which should be removed > somehow. Well, that's only cause you compress each block individually. Rsyncrypto compresses the whole file as one unit prior to encrypting, which means that the compression block resets are not in sync with the encryption block resets. > ii) If the same key and IV are used when encryption resets , an > attacker can use this to get information about the plain text file > (see the comments section of murk on Freshmeat). I now change the IV > each time but am not sure the method I use is secure or not. I've been looking at this problem ever since I first started working on rsyncrypto. I have done everything I can to reduce the problem, but I'm fairly confident now that I do not intend to solve it completely. There are two approached I can see to solving this problem. The first is to choose an IV that is based on the unencrypted cipher in some way. This approach fails when you realize that more blocks have to repeat before the ciphertext becomes the same, but the core problem is not solved. The second approach is to integrate the IV sequence number into the IV selection function. This approach provides all the security in the world, but fails the simple practicality test - if the change done to the file between encryptions caused it's length to change enough that the number of block resets before the end of the change is different, the whole end of the file will now encrypt to a different byte stream and the rsync efficiency is out of the window. There was also a third approach, involving selecting really random IVs for each block. It had serious practical problems for rsyncrypto's uses, as it both require you to save a lot of state about the file to allow re-encryption, and has problems in matching the IVs to the same places they were used before. What I did with rsyncrypto: 1. compress the entire file with rsync friendly compression. This means that repetitions in the "plain text" (but compressed) file are less likely, as the compression would have removed most of them. This has the added benefit of greatly increasing the compression ratio. 2. Not have per block encryption or compression headers. The parameters for the block reset decision function are coded in the file's header, and the decryption simply uses the same decision function to know when to reset the IV. Another added bonus is lower overhead. I am considering other changes as well, but more on that later. > iii) Even if the encryption is perfect, some statistical analysis can > be run on the encrypted files to guess the type of data in the file > based on how often the encryption is reset and how many encrypted > blocks are the same. In a typical file encrypted with rsyncrypto: 1. It is impossible to know where the reset points are without having the key. 2. There should no (or very few) repetitions. This is not to say that it is impossible to know where a block starts. Either the begining of the encryption block or it's end will leak if you can capture an encrypted file both before and after a change (not both, though, which is curious but furtunate, due to the fact that gzip also has blocks, and also resets them). Still, the most important thing you can say about the point of the block reset is that the decision function fired at that point. I'm *fairly* certain that the decision function leak very little information about the actual data (chosen plaintext notwithstanding), and the fact that the information leaked about is the compressed plaintext, rather than the plain plaintext, adds to the difficulty of performing statistical analysis. > 3) I don't know if you have changed this but when I first saw > rsyncrypto you needed to have a patched version of gzip installed. I > believe the licence allows you to carry your own version of libgz > (this is something an interesting freshmeat project called zync does, > zsync is also worth looking at). Users would find this much more > convenient and you may get a performance increase. I know, and it's on my "todo" list. It is not as high priority as some of the other stuff I still have to do, so it will probably take a while. I provide the patched gzip for Windows along with the zip file, Debian already carries the proper gzip, and I'm not that interested in what other platforms will do :-). I do supply the gzip patch in rsyncrypto's "contrib" folder, to make other people's life SOMEWHAT easier. > Apologies if any of my comments are out of date -- there have been > lots of releases but I haven't had a chance to try them. Do try the latest one. It encrypts the file names, which I think is a major plus. > > Also, have you thought of integrating with GMail or GDrive somehow so > that you could use all that useful space for backups? This seemed it > could be a cool thing to do -- encrypt and backup to the email system. > I think the principles are the same but a different transport (ie not > rsync) would have to be written. I think that if that's what you want to do, an encryption method that does not suffer from rsyncrypto's (and murk's) deficiencies. It really only makes sense to live with them if you are going to be using rsync on the resulting files. In another aspect, if you check out my sig you will notice that I sell online backup services. It makes no sense to help people use the competition.... :-) > Best of luck, and please stay in touch. > Saul One general note. It seems that rsyncrypto is more tuned towards bulk operations. You can tell it to encrypt and entire directory, or even a list of directories and files. It will not use the same symmetric key OR IV for two files in an encryption. I generally get the feeling that you would want to invest more time in finding out what the use scenario for murk is, and how to make it best fit that scenario. Also, opening up a mailing list helps, I think. It's not that the patches for rsyncrypto were flowing in (I got none), but people using the product, and the occasional comment, are pretty priceless. -- Shachar Shemesh Lingnu Open Source Consulting ltd. Have you backed up today's work? http://www.lingnu.com/backup.html |
7 messages has been excluded from this view by a project administrator.
