On Tue, Aug 22, 2017 at 3:27 PM, rakeshkumar464 <rakeshkumar464@xxxxxxxxxxx> wrote: > Thanks John and JD. > > John: Are you telling that the backup of a database has no protection? If you use LUKS to encrypt a filesystem and then copy any file data on that filesystem to another file on an unencrypted filesystem, then the copy is not encrypted. You'd need to use something like gpg2 to encrypt it before storing. The same if you dumped the database using a utility such as pg_dump. I don't know of a way to encrypt a database such that it is unencrypted transparently for the PostgreSQL server, but not for some other application which can access the physical files. And even if this were possible, the pg_dump would output unencrypted data. This is basically due to your requirement that the PostgreSQL client (application) not supply a password to PostgreSQL to do the decryption. Of course, you could embed the encryption/decryption into the application itself so that the data is encrypted before it is passed to PostgreSQL to store. But I think that violates your original requirements. -- If you look around the poker table & don't see an obvious sucker, it's you. Maranatha! <>< John McKown -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
