![]() To add incremental backups would need date checking and/or file hashes, comparing to find new/changed/deleted files, and only copying the appropriate files, but that tends to explode the complexity of the process. If I were to try it myself, I'd probably write a short BASH script to mount an EncFS folder online, copy backup files to it, and unmount when it was done syncing. A web search would probably find some programs that have automated encrypted cloud backups, if you trust the companies / cloud storage, but the point of DIY encryption is usually so you will be the only person in the who has the key. ![]() I'm not sure about a fully automated solution to backup scattered folders, encrypt and upload and delete the originals all at once, that wasn't part of the question when I originally answered. To restore (or view) the backup, we need access to the encryption options in plaintext, which has to be passed to encfs with the environment variable ENCFS6_CONFIG (we use a different directory in order not to mess up the existing ~/mythesis): $ ENCFS6_CONFIG=~/mythesis/.encfs6.xml ~/mnt/usbstick/thesisbackup ~/restoremythesis They will vanish once it is unmounted (no, this is not due to usage of the /tmp mountpoint).įor the second reason, now is the time to copy the encrypted files to the desired backup location, before unmounting the temporary encfs directory again: $ cp -R /tmp/thesisbackup/* /mnt/usbstick/ Secondly, the files in /tmp/thesisbackup are not persistent. Using the -reverse option has two effects: Firstly, the configuration file is now stored in the plaintext directory and /tmp/thesisbackup only contains it in encrypted form. Note the directory order is reversed to normal usage in this case. The following example assumes you want to create an encrypted backup of an existing plaintext directory ~/mythesis which contains the file thesis.txt.įirst, we create the encrypted backup of the existing plaintext directory: $ encfs -reverse ~/mythesis /tmp/thesisbackup Here's some pasted info: Backup plaintext directory Then the "virtual" encrypted files can be sent to the cloud (or any backup location) and you just need the encrypted options file (encfs6.xml, keeping it with the backup files would work) and passphrase to read them. Here's the best backup feature of EncFS (IMO) - it can do a " -reverse" mount, using a plain folder to create a "virtual" encrypted copy, without writing a single byte to your hard drive. Linux-oriented, but if the EncFS port for windows works it should be useable too. Super ArchWiki EncFS page - very good info on using EncFS. encfs4win - "experimental project of porting encfs to the Windows world".How-To Geek on How to Encrypt Cloud Storage on Linux and Windows with EncFS.The local files can remain un-encrypted, while the online copy/folder would be encrypted.ĭeleting the local files is an option ( after verifying the online copies can be decrypted), but for a good backup strategy you should keep a local copy somewhere/somehow just in case the online copy has problems, or the passphrase is lost, etc. ![]() Or, you could use an encrypted filesystem like EncFS to encrypt a local folder into a shared OneDrive (or other service) folder. Or, you could use a tool like TrueCrypt (though it's no longer officially supported) or dm-crypt/LUKS to create a big encrypted container file, put your files inside it, and copy the whole container to wherever. Then copy the encrypted files to wherever for backups. Sure, you could use PGP/ GPG to encrypt the files, either using your own personal public key (then you only remember your personal key's passphrase) or using -c conventional encryption only with a passphrase for the file you have to remember.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |