[wplug-internet] Backups

[Vance Kochenderfer]

Michael Semcheski <mhsemcheski at gmail.com> wrote:
> We have a script that ssh's to their computer, mounts an encrypted
> file system using fuse.

Now that's a really intriguing idea.  I was stuck thinking of GPG-
encrypted tarballs, which as noted doesn't give you the efficiency
benefit of rsync.  Is there a de-facto leader in encrypted FS?  I
would assume Bill's target machine is FreeBSD, so it would need to
be cross-platform, right?

There's one other possible difficulty - since we need to back up
root-owned files, then either the target will need root access to
the server, or the server will need root access to the target.
Unless there's a way to maintain root ownership of files on the
target machine without needing root access (some sort of jail, or
a filesystem mount option, maybe)?

Bill's question about how much data are sensitive is a good one,
too.  It's actually a pretty small number.  If I take an expansive
view, it probably extends to the membership list, system password
files, wiki passwords (embedded in the MySQL DB files), mailman
subscription lists and passwords, and possibly items contained in
individual users' home directories.  The hard part is that I don't
know how simple it would be to segregate this stuff out.

Vance Kochenderfer        |  "Get me out of these ropes and into a
vkochend at nyx.net          |   good belt of Scotch"    -Nick Danger