Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Raid5 box & backup



Bruno,

The first thing you need to ask yourself is, is this for the purposes
of back-up, or do you need to use either or both (local and remote) of
these as file systems.

If it's just for backup, you should probably do what we do at Starling:
give everyone their own machine with an appropriately encrypted disk,
use a backup script that encrypts the data (we use PGP) before it leaves
the box and sends it to the local backup server, and then just rsync the
local and remote servers.

Failing that, for filesystem access probably the most reasonable way
to deal with it is to use one of the drivers that exports what's
essentially a raw set of blocks across the network, such as iSCSI or
ATA-over-ethernet, and have your personal host place an encrypted
file system on that. But then you have to deal with the issue of
replicating it, which can probably be done with rsync if you replicate
unidirectionally, but likely can't be done at all bidirectionally.

You also want to figure out what level of security you really need here.
As usual when rolling your own system, it's easy to mess up and be a lot
more inscecure than you'd hoped. If you don't want folks in France to
have access to you data because, say, you're intending to keep client
data on there and you'd be facing civil or criminal liability should
something happen, you'll want to get your system reviewed by an expert.

cjs
-- 
Curt Sampson       <cjs@example.com>        +81 90 7737 2974   
Mobile sites and software consulting: http://www.starling-software.com


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links