New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Encrypted backups on OpenVZ VPS-es
Hi,
I'm using the really nice Time4VPS storage VPS for storing backups, however they are OpenVZ based and I'd like to store my files in an encrypted way. I don't care about some really advanced hack looking at the container's memory, I just don't want my files to be stored on their disks in plain text.
I've been using duplicity to do encrypted backups but it's painfully super slow to restore. I'm looking for a better alternative, and so far I couldn't find anything which matches rsync in it's speed. My only problem with rsync is that it would leave the files unencrypted.
- Can you recommend a simple way to simply encrypt a folder on an OpenVZ VPS?
- Do you have any ideas for a better backup tool which has similar performance to rsync, yet stores encrypted and snapshotted backups?
Comments
encfs is the usual way for it.
You can encrypt the data before rsyncing it if you want faster transfer speeds. Otherwise encrypting during transfer can be pretty slow depending on the encryption level and CPUs.
@KuJoe: but I'd only delta-sync, thus there would be almost no data to be synced regularly. Say 5 MB / hour or something like that after the initial sync.
Module fuse not found
-> does that mean that I cannot use encfs on that VPS? What are my options? Asking in a ticket to enable fuse or use something which doesn't involve fuse?Most providers will enable FUSE for you in a ticket. I can't recall ever having a provider tell me no when I requested it even for really cheap NAT'ed VPSes.
Thanks, I'll ask them. On the other hand, what do you recommend for encrypting on client side which has better performance than duplicity?
Time4VPS does not support fuse on their storage range.
unfortunately we can't enable FUSE module because of our virtualization limitation.
ahh, then Time4VPS has to be the first provider to do so... :-(Well that's surprising
Any other options or any tool which can do client side encryption and has good restore performance?
Wow, that's really surprising...I've never had an OpenVZ provider tell me they don't do FUSE.
Eh? Doesn't make much sense.
I am using BorgBackup and found it to work reasonably well.
@mzz I've read a lot about backup tools and so far BorgBackup seems like a winner for me!
BTSync of whatever they call it not does encryption now, but being closed source has always prevented me from using it. Hopefully one of these days SyncThing will offer a similar solution in the future (there's a $1000 bounty on this feature here: https://www.bountysource.com/issues/1474343-support-for-file-encryption-e-g-non-trusted-servers).
CrashPlan also does encryption but I've never used their free version before so I can't comment on it either.
You could use zbackup.
1- Local backup with zbackup (Deduplication and encryption)
2 - rsync zbackup directory destination to Time4VPS.