The easiest way to encrypt the data is to use an encFS Fuse plugin:
- Create a FuseEncFS plugin for NSsbackup
- Add an encryption section to the NSsbackup configuration
- During the backup, if encryption is enabled, mount the destination folder via encFS (after FuseFileAccessManager has been initialized).
- Perform the backup
- Unmount the FuseEncFS folder
- Terminate FuseFileAccessManager
(from the same suggestion to SBackup)
Some ideas:
* Backups should be performed without human intervention (no keys asked).
* No keys should be stored in plain format.
* Keys should be in the backup destination (in case it is a different machine).
Public key ciphers are a good start. The public key could be used to cipher backups and the private key could be password protected and embedded in every backup (gpg could be used to do this).
As to the incremental backup problem, the main issue is to determine if a file is already backed up without knowing the backup contents. For this, a good solution could be to create a list with md5/sha1 signatures of each file name, attributes (without atime) and some salt. As those are one-way functions, one can test for existence but can’t know the contents.
The backup procedure would then be:
On the backup setup:
* Ask for a password
* Create a public / private key pair
* Cipher the private key using the given password with a symmetric cipher
* Store both keys along with the backup configuration
----
Backup:
* Create a list of files to be backed up. Such a list must have attributes.
* Exclude files already present in a previous suitable backup.
  * Either comparing flist, fprops
  * Or testing against the one-way hashes.
* Create a normal backup piping through a gpg in asymmetric mode with the public key already created
  * no local backup (out of space)
  * or remote plain intermediate file (security).
  * all files should have the same procedure
* Choose a salt and create the hashed file list
* Append the ciphered private key.
----
Restore:
* Open the private key with the user provided password
* Restore the original backup (piping through a gpg for decryption).
----
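The hashed file list used for the incremental step, as an added example that is not part of the original suggestion or of SBackup/NSsbackup code. It swaps the suggested md5/sha1 for HMAC-SHA256 keyed with the salt, and assumes the salt is stored next to the list so a later run can recompute the digests; the function names and the sample tree are constructed for illustration.

```python
import hashlib
import hmac
import os
import secrets
import tempfile


def entry_digest(salt, rel_path, st):
    """One-way digest of a file's name and attributes (atime left out)."""
    fields = (rel_path, st.st_mode, st.st_uid, st.st_gid, st.st_size, st.st_mtime_ns)
    # NUL cannot occur in a path, so the joined record is unambiguous.
    record = "\0".join(str(f) for f in fields).encode("utf-8", "surrogateescape")
    return hmac.new(salt, record, hashlib.sha256).hexdigest()


def scan(root, salt):
    """Map relative path -> digest for every non-directory entry under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            digests[rel] = entry_digest(salt, rel, os.lstat(full))
    return digests


def files_to_back_up(root, salt, previous_list):
    """Paths whose digest is absent from the previous backup's hashed list."""
    return sorted(p for p, d in scan(root, salt).items() if d not in previous_list)


def demo():
    """Constructed sample tree: full backup, then one changed and one new file."""
    salt = secrets.token_bytes(16)
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("a.txt", b"alpha"), ("b.txt", b"beta")):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        hashed_list = set(scan(root, salt).values())  # stored with the backup
        with open(os.path.join(root, "b.txt"), "ab") as fh:
            fh.write(b" changed")  # size (and mtime) now differ
        with open(os.path.join(root, "c.txt"), "wb") as fh:
            fh.write(b"gamma")
        return files_to_back_up(root, salt, hashed_list)


if __name__ == "__main__":
    print(demo())
```

Anyone who holds both the list and the salt can test guessed file names and attributes against it, which is the "test for existence" property the suggestion describes; the list reveals nothing about file contents.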