Encrypted remote backups & issues

Hello

I'd like to do incremental encrypted remote backups. I thought this might be a solution: use nbd (network block device, from the standard kernel) to access the backup partition or file on the server.

 nbd-client $host $port /dev/nbd/0
 # encrypt the network block device through a loop device
 losetup -e blowfish /dev/loop0 /dev/nbd/0

 # optional: ext3 journal device:
 backupjournal=/root/backup.journal
 dd bs=4096 count=8192 < /dev/zero > $backupjournal
 # losetup takes the loop device first, then the backing file
 losetup /dev/loop1 $backupjournal
 mke2fs -O journal_dev /dev/loop1

 mke2fs -j -J device=/dev/loop1 /dev/loop0

 mount /dev/loop0 /mnt/loop0
 mkdir /mnt/loop0/{data,trash}

 # --backup is given explicitly: older rsync only honours --backup-dir with it
 rsync -aHxv --delete --exclude=$backupjournal \
  --backup --backup-dir=/mnt/loop0/trash/ / /mnt/loop0/data/


These are the problems and issues I'm asking here:


1. My client OS (Linux 2.4.22 + ben1 (Ben Herrenschmidt's powerpc patch) + freeswan) freezes completely every now and then. At first, I thought it was because I used an NBD partition of 8GB (e.g. large file); it froze right in the middle of the mke3fs. I then upgraded nbd-server and nbd-client to the current Debian unstable versions and retried with 1.5GB, which worked well until I copied a few 100MB of data onto the filesystem; then it froze again.
Is cryptoloop not yet stable? Is NBD to blame? Is it the combination of both? Is the journaling to blame? Is it that I'm tunneling the nbd data stream through an ssh tunnel (see below)?


2. I realize that cryptoloop does not use checksums/signatures at all. Of course that means that an attacker can easily destroy my backup volume while in transit or while stored on the (broken-into) backup server in subtle ways, so that I won't notice it except that some random files are broken etc., and maybe he can even make the client OS crash (because of bad filesystem structures) or other bad stuff. I'd like to have a way to prevent this. Currently I'm tunneling the traffic through ssh (how ironic) and simply hoping that the image on the server is never modified by third parties.


Are there alternatives? tar|gpg|netcat(+md5) is a solid solution but requires full backups each time. Anything else?


Thanks for any answers
Christian.
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
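
An added example, not part of the original post: one way to detect the silent modification described in point 2 is to keep a keyed per-block MAC manifest of the encrypted image on the client and check it before each mount. The function names, the 4096-byte block size and the sample image are assumptions made for illustration; the manifest has to be rebuilt after every backup run, and checking it means reading the whole image.

```python
import hashlib
import hmac
import io

BLOCK = 4096  # assumed block size (the post uses bs=4096 for its journal file)


def block_tag(key, index, data):
    # Bind each tag to the block's position, so a block moved or replayed
    # at another offset no longer verifies.
    return hmac.new(key, index.to_bytes(8, "big") + data, hashlib.sha256).digest()


def build_manifest(key, image):
    """Read an open binary image (regular file or block device) block by
    block and return one tag per block. Store the result on the client."""
    tags = []
    while True:
        data = image.read(BLOCK)
        if not data:
            return tags
        tags.append(block_tag(key, len(tags), data))


def verify(key, image, manifest):
    """Return the indices of blocks that were changed, removed or appended."""
    current = build_manifest(key, image)
    bad = [i for i, (new, old) in enumerate(zip(current, manifest))
           if not hmac.compare_digest(new, old)]
    lo, hi = sorted((len(current), len(manifest)))
    return bad + list(range(lo, hi))  # length mismatch: truncated or grown image


def demo():
    key = b"constructed-demo-key"  # constructed; use a random secret in practice
    # Constructed 4-block "image", each block filled with a different byte.
    original = b"".join(bytes([i]) * BLOCK for i in range(4))
    manifest = build_manifest(key, io.BytesIO(original))
    flipped = bytearray(original)
    flipped[2 * BLOCK + 7] ^= 0x01  # a single bit changed inside block 2
    swapped = original[BLOCK:2 * BLOCK] + original[:BLOCK] + original[2 * BLOCK:]
    return {
        "clean": verify(key, io.BytesIO(original), manifest),
        "bitflip": verify(key, io.BytesIO(bytes(flipped)), manifest),
        "swapped": verify(key, io.BytesIO(swapped), manifest),
        "truncated": verify(key, io.BytesIO(original[:3 * BLOCK]), manifest),
    }
```

Because the manifest and the MAC key never leave the client, the server cannot recompute matching tags, and restoring an older copy of the image shows up as mismatching blocks as well.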

