RE: Securing Backups via Encryption

[Atom Smasher <atom () smasher org>]

> If you would not mind sharing some of your solutions.
>
> What are you using to encrypt data that goes to tape?
> What are you using to encrypt data that goes to disk?
> What are you using to encrypt data that goes to an offsite storage
> facility via web (ie. Xdrive or similar service offsite service)? What
> services do you employ to handle secure backups offsite?
===============

snippet from one of my backup scripts:

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

gpg_encrypt () {
     ## simple function to set GPG options in one place
     ## and allow a very short command below
     gpg -v --cipher-algo twofish --s2k-cipher-algo blowfish --compress-algo bzip2 -z 9 -cer 0xD9F57808
}

tar cvf - /path/to/data | gpg_encrypt > /dynamo/file.pgp

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

/dynamo is my dynaMO drive.

note that this is encrypted BOTH symmetrically and asymmetrically... if i 
have my keyring intact it's convenient to decrypt using the asymmetric 
key, but if my keyring is lost it's nice to have another way to recover 
the data. since the data being backup up includes my keyring it's a real 
possibility that i might have to recover the data and not have 
(convenient) access to my secret key.


-- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

        "Everyone has the right to freedom of opinion and expression;
         this right includes freedom to hold opinions without
         interference and to seek, receive and impart information and
         ideas through any media and regardless of frontiers."
                -- Article 19, Universal Declaration of Human Rights,
                United Nations