Are you guys aware of any trusted remote solution, something I can setup a throttled rsync to with cron, that allows high end-to-end high encryption. I guess the only sensible place to do encryption at would be on my end. I've ready stories of people loosing their domain names due to having done business with Cuba (even people outside the USA) and my country of origin does business regularly in Cuba, so I'm also concerned about that aspect... although i guess that makes the criteria too tough.
I'd settle for encryption and reliability.
I'm guessing i can use fuse-encfs and just rsync it's dir
try a service that allows ssh and private, non-internet accessible, folders
/usr/bin/rsync -az --password-file=/path/to/password/file --delete user@ip:/path/to/remote/folder/ /path/to/local/folder/
" --password-file This option allows you to provide a password in a file for accessing a remote rsync daemon. Note that this option is only useful when accessing an rsync daemon using the built in transâ port, not when using a remote shell as the transport. The file must not be world readable. It should contain just the password as a single line."
password:user
-- Philip Dorr
On Fri, Mar 28, 2008 at 3:59 PM, Arthur Pemberton pemboa@gmail.com wrote:
Are you guys aware of any trusted remote solution, something I can setup a throttled rsync to with cron, that allows high end-to-end high encryption. I guess the only sensible place to do encryption at would be on my end. I've ready stories of people loosing their domain names due to having done business with Cuba (even people outside the USA) and my country of origin does business regularly in Cuba, so I'm also concerned about that aspect... although i guess that makes the criteria too tough.
I'd settle for encryption and reliability.
I'm guessing i can use fuse-encfs and just rsync it's dir
-- Fedora 7 : sipping some of that moonshine ( www.pembo13.com ) _______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
I've wanted something like that as well, but it always seems to be too expensive. Don't look for encryption at the remote location. There's no secure way to do that, as a matter of concept. You have to encrypt at your end before sending.
I used to use rsync.net, but it was WAY too expensive in the long run. S3 might be cheaper, but the whole having to pay every month thing, well, sucks. If you're interested, I'd be open to trading equal sized hard drives, and then you can back up to your drive in one of my machines, and I to mine in one of yours. I don't want any way to decrypt your data, and you won't be given any way to decrypt mine either. All we would be obliged to do is keep it online, and avaliable, and follow equal rules on what hours and what xfer speeds are acceptable.
I will be at the next meeting. Let me know what sizes you have, I can do 750, 300, 200, maybe 500, I'll have to check when I get home.
On Fri, Mar 28, 2008 at 4:32 PM, Philip Dorr tagno25@gmail.com wrote:
try a service that allows ssh and private, non-internet accessible, folders
/usr/bin/rsync -az --password-file=/path/to/password/file --delete user@ip:/path/to/remote/folder/ /path/to/local/folder/
" --password-file This option allows you to provide a password in a file for accessing a remote rsync daemon. Note that this option is only useful when accessing an rsync daemon using the built in transâ port, not when using a remote shell as the transport. The file must not be world readable. It should contain just the password as a single line."
password:user
-- Philip Dorr
On Fri, Mar 28, 2008 at 3:59 PM, Arthur Pemberton pemboa@gmail.com wrote:
Are you guys aware of any trusted remote solution, something I can setup a throttled rsync to with cron, that allows high end-to-end high encryption. I guess the only sensible place to do encryption at would be on my end. I've ready stories of people loosing their domain names due to having done business with Cuba (even people outside the USA) and my country of origin does business regularly in Cuba, so I'm also concerned about that aspect... although i guess that makes the criteria too tough.
I'd settle for encryption and reliability.
I'm guessing i can use fuse-encfs and just rsync it's dir
-- Fedora 7 : sipping some of that moonshine ( www.pembo13.com ) _______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
Gentlemen,
Thanks for all the input: rsync.net seemed to be a good candidate, especially with the GeoSync service but they are way out of my price range. On a side note, seems like rsync is big on protecting your data even from the government, "sending" alerts if your data is compromised by higher forces: http://www.rsync.net/
I found this slashdot article (should have know that was asked already): http://ask.slashdot.org/article.pl?sid=06/08/01/007237
In the article, I saw some Canadian website, which offered rsync, which on the surface met my requirements: http://www.blacksun.ca/
But I think I like this Amazon S3 reseller. The only problem I have with their service is that I it probably doesn't do rsync to their own machine, and i'm not sure if there is any reliable way to throttle things: http://www.jungledisk.com/
I was thinking of setting up my dirs like this since I'm thinking of allowing 1 or two of my close friends to use it, and I have at least 3 machines in mind for this.
/FullName ---| |--- host1 ---| |--- crypt |--- plain |--- host2 ---| |--- crypt |--- plain
I'm thinking to have crypt be the base folder for a fuse-encfs mount to '/mnt/backup/crypt' and just symlink /mnt/backup/plain to the appropriate folder.
Again, my main concern that this is going to use my full bandwidth. It would be great if it would cache things and just trickle the changes up at some time when I determine. I'm planning on emailing, their apparently knowledgeable, support to ask their opinion on this. But the price is doable for me. I haven't had data loss in awhile, and so I think probablity is slowly catching up on me, so I'm going try to set this up soon.
On Friday 28 March 2008, Billy Crook wrote:
If you're interested, I'd be open to trading equal sized hard drives, and then you can back up to your drive in one of my machines, and I to mine in one of yours.
So I just need to take out Kansas City to get rid of all your backups... ;)
I don't want any way to decrypt your data, and you won't be given any way to decrypt mine either.
And what happens when you lose your data and need that backup? I hope you have plans for backing up your decryption private key as well... The best solution to this problem I can come up with is to simply XOR the private key with a memorized passphrase (so the file can't be identified), perhaps stick a few fake-but-potentially-possible headers on it, and put it somewhere nobody will expect but it will survive if needed.
On Sat, Mar 29, 2008 at 3:25 PM, Luke -Jr luke@dashjr.org wrote:
And what happens when you lose your data and need that backup? I hope you have plans for backing up your decryption private key as well... The best solution to this problem I can come up with is to simply XOR the private key with a memorized passphrase (so the file can't be identified), perhaps stick a few fake-but-potentially-possible headers on it, and put it somewhere nobody will expect but it will survive if needed.
I e-mail such things to one of my hotmail sock-puppets.
On Fri, Mar 28, 2008 at 3:59 PM, Arthur Pemberton pemboa@gmail.com wrote:
Are you guys aware of any trusted remote solution, something I can setup a throttled rsync to with cron, that allows high end-to-end high encryption. I guess the only sensible place to do encryption at would be on my end. I've ready stories of people loosing their domain names due to having done business with Cuba (even people outside the USA) and my country of origin does business regularly in Cuba, so I'm also concerned about that aspect... although i guess that makes the criteria too tough.
I'd settle for encryption and reliability.
I'm guessing i can use fuse-encfs and just rsync it's dir
-- Fedora 7 : sipping some of that moonshine ( www.pembo13.com )
With sincere respect for the political implications. At this stage I can only lay out broad categories. Do we have any Truecrypt experts on list? My closing statement- and it's NOT a joke- Maybe KCLUG could reincarnate Tinfoil Hat Linux in a current secure fashion?
-
Arthur Pemberton -
Billy Crook -
David Nicol -
Luke -Jr -
Oren Beck -
Philip Dorr