From owner-freebsd-security Mon Nov 26 17:58:38 2001 Delivered-To: freebsd-security@freebsd.org Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 30F9F37B43A for ; Mon, 26 Nov 2001 17:58:22 -0800 (PST) Received: (from root@localhost) by cage.simianscience.com (8.11.6/8.11.6) id fAR1wLA29878; Mon, 26 Nov 2001 20:58:21 -0500 (EST) (envelope-from mike@sentex.net) Received: from chimp.sentex.net (fcage [192.168.0.2]) by cage.simianscience.com (8.11.6/8.11.6av) with ESMTP id fAR1wI129870; Mon, 26 Nov 2001 20:58:18 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20011126205442.043d1fe0@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Mon, 26 Nov 2001 20:58:17 -0500 To: Kris Kennaway From: Mike Tancsa Subject: Re: crypted remote backup Cc: freebsd-security@freebsd.org In-Reply-To: <20011126175320.C20635@xor.obsecurity.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org What is password security like in programs like RAR ? The warez traders seem to like to use it for posting to newsgroups because you can add extra recovery information into each of the parts/volumes. There is also a built in encryption option. Do think it is sufficiently safe ? ---Mike At 05:53 PM 11/26/2001 -0800, Kris Kennaway wrote: >On Mon, Nov 26, 2001 at 05:12:41PM -0800, Randy Bush wrote: > > > If you want rsync to only copy the updated/modified stuff you'll have > > > to do the encryption on the "source" server and keep it in a separate > > > "tree" > > > > so i have been thinking > > > > > and using PGP/GPG to do the encryption is the easiest way I've found to > > > do it. > > > > is this feasible for 2GB files? > >I wouldn't recommend using it on all 2GB..a single bit error will >render your backup useless. That's why I suggested breaking the file >into chunks in my earlier mail. I wouldn't recommend using PGP >either; you probably don't need it, and it will be slower than >alternatives. Just use OpenSSL..e.g. an appropriate symmetric cipher >and passphrase. > >Kris -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message