On 8/06/2014 4:06 AM, Bzzz wrote: > On Sun, 08 Jun 2014 03:34:04 +1000 > Andrew McGlashan <andrew.mcglas...@affinityvision.com.au> wrote: > >> Doing a GPG backup of the closed crypt volume would not >> compress well. Obviously the more /real/ data there is on the >> open crypt volume, the larger a GPG backup file will be. > > Indeed, it is very bad practice to bit backup (except > if you're a forensic)…
Sometimes you want forensic backups.... like having a USB image that is /known/ to work for instance, or you might want to play around with something that could risk your data and you want to be sure you can get back to /exactly/ as it was before. I do use snapshots though, that helps. Definitely don't want to do risk things without good backups, one way or another. >> Besides, >> this is just for example, backing up with GPG might not be a good >> idea (tm). Although if you use duplicity [1], it might be an >> excellent idea, but I don't know enough about that yet. > > One backup pgm I find _very_ practical, when huge tapes > aren't required, is BackupPC (http://backuppc.sourceforge.net/). > You can even backup a whole Linux system. Yep, one day I might try it out -- I use rsnapshot for backups, works similarly, but without the web interface and I'm the only one who touches it here. I was using 3-way RAID1 mirrors and rotating disks, shutdown, remove disk, startup, add replacement disk. But not at this time, although it may happen again soon. Having clean backups disks off-line is safer than having everything online. > It compresses all files, symlink them when they haven't > change from one backup to another, you get a nice http > interface (no need of a http svr) where even users can > backup/restore themselves part or all of their files, > the way it acts allow you to keep backups for long periods > of time, etc… rsnapshot doesn't compress [the backups], that might be the biggest plus -- it does use symlinks though. > It can also use the rsync method to keep network exchanges > quite low. rsnapshot uses rsync and I can easily exclude ares with .rsync-filter files. > Note: for your partition(s), using /dev/urandom isn't a problem. > Pseudo random generator under Linux is not that bad and > its output fit your needs. Yes, but I still prefer /dev/random for more real random, even if it blocks. In my case, I am using /dev/random for the crypt master keys now -- but /dev/urandom should be just as good here as well ... still, my preference is for /better/ random ;-) Cheers A. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53936ffb.8010...@affinityvision.com.au
