From: Roger Marquis
Date: Wed, 28 Nov 2001 11:23:20 -0800 (PST)
Subject: Re: crypted remote backup
Message-ID: <20011128103543.Y99493-100000@roble.com>

> If you want rsync to only copy the updated/modified stuff you'll have
> to do the encryption on the "source" server and keep it in a separate
> "tree"

We gave up on rsync years ago. Too many bugs, too little QA, and too many
changes between versions. IMHO, dump/restore/ufsdump/ufsrestore are still
the best tools for backing up Unix systems. Dump/restore, when combined
with scratch files or partitions and ssh, is a solid and reliable solution
with a good degree of forward and backward compatibility.

The first step in a production backup hierarchy is near-line archives,
typically to one or more local hard drives. This step does not normally
require encryption:

  ##### on the (source) server:
  mount /dev/da0a /var/d2     (or mount /dev/da0{b,d,e,f,g} ...)
  cd /var/d2
  dump 0uf - / | restore xf -
  umount /var/d2

The second step is migration to a centralized backup server. This usually
involves a network which may or may not be secure. An IPsec+3DES VPN based
on hardware like Cisco's PIX or Checkpoint's Firewall-1 is one way to
encrypt this traffic.
For considerably less money you can achieve the same result using OpenSSH:

  ##### on the (destination) central backup host:
  touch /var/backups/${server}-`date|nawk '{print $2"-"$3"-"$NF}'`
  chmod 400 /var/backups/${server}-`date|nawk '{print $2"-"$3"-"$NF}'`
  /usr/local/bin/ssh root@${server} -n 'dump -0f - /dev/da0a' | \
      dd of=/var/backups/${server}-`date|nawk '{print $2"-"$3"-"$NF}'`

Finally, long term storage is most economically done to tape:

  dump 0f /dev/rmt/0 /var/backups

These tapes can then, ideally, be stored in fire-proof data safes at one
or more off-site locations.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/
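As an added example (not part of Roger's post), here is the second step, the pull of a level-0 dump over ssh, written as a POSIX sh script that computes the date stamp once instead of three times, refuses host or device arguments that could alter the remote command line, writes the archive under a restrictive umask, records a checksum and reads the archive's table of contents so a truncated transfer is noticed before the file is trusted or migrated to tape. BACKUP_DIR, the ssh path and the sha256/sha256sum fallback are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes: non-interactive ssh as
# root to the source host, dump(8) on the remote host, and restore(8) plus
# sha256(1) (FreeBSD) or sha256sum(1) (GNU) on the backup host.
set -eu

BACKUP_DIR="${BACKUP_DIR:-/var/backups}"   # assumed archive location
SSH="${SSH:-/usr/local/bin/ssh}"           # assumed ssh path (as in the post)

# Accept only a plain host name or device path: both values are spliced
# into the command line that the remote shell executes.
safe_arg() {
    case "$1" in
        ''|*[!A-Za-z0-9._/-]*) return 1 ;;
        *)                     return 0 ;;
    esac
}

# Build the archive path once so every later use names the same file (the
# post re-evaluates the date per command, which can differ across midnight).
# Example: /var/backups/db1-2001-11-28.dump
backup_path() {
    printf '%s/%s-%s.dump\n' "$BACKUP_DIR" "$1" "$2"
}

# Level-0 dump of filesystem $2 on host $1, pulled over ssh into a 0400 file,
# then checksummed and listed to prove the archive is readable.
remote_dump() {
    server="$1" fs="$2"
    safe_arg "$server" && safe_arg "$fs" || {
        echo "unsafe argument: $server $fs" >&2; return 1; }
    out=$(backup_path "$server" "$(date +%Y-%m-%d)")
    [ ! -e "$out" ] || { echo "refusing to overwrite $out" >&2; return 1; }
    # umask in a subshell: the file is never world-readable, even briefly
    ( umask 077; "$SSH" -n "root@$server" "dump -0f - $fs" > "$out" )
    chmod 400 "$out"
    { sha256 -q "$out" 2>/dev/null || sha256sum "$out" | cut -d' ' -f1; } \
        > "$out.sha256"
    restore -tf "$out" > /dev/null            # fails on a truncated dump
}
```

Run as `remote_dump db1.example.org /dev/da0a` (constructed host name) from a script that sources these functions; compare `$out.sha256` again before the archive goes to tape.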