> I thought about such a solution, too, but it simply doesnt work in my case. > See, my servers hold hunderts of gigabyte of data. If just 1 bit is changed, > gpg would create a different encryption stream from this on => the gpg file > is not rsyncable, so that each day my entire data would have to be > transferred. Creating a gpg archive for each directory or even for each file > would still be too inefficient, because I have very large database files > with a size of multiple gbs. They are really good rsyncable when not > encrypted. The aim would be to add real strong encryption and to keep the > efficiency of rsync. AFAIK loop-aes is fully transparent on block level I/O. It is not a stream cipher. Each disk block is encrypted independently on others. Am I wrong? Gabor - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
