[Mageia-sysadm] Backups on fiona.mageia.org
misc at zarb.org
Tue Feb 21 18:08:42 CET 2012
Le lundi 20 février 2012 à 22:26 +0100, nicolas vigier a écrit :
> On Mon, 20 Feb 2012, Michael Scherer wrote:
> > I would look at bacula.
> We can look at bacula also.
> > I would also see if we can encrypt backup so someone accessing to fiona
> > would not automatically get everything :)
> > ( like someone taking one disk from the server ).
> What does it protect us against ?
> If someone gets root access on the server while it is running, the
> encryption is useless.
Depend how the encryption is done. I was looking at how becula does it,
and you can encrypt on the client before sending to the server, so if
someone steal the drive or got root, he cannot do much.
( and there is a master key password so we can restore in the event the
server is down )
Granted, he can still steal the disk on others servers in the same data
center, until we protect them.
( and I think since we have raid, there is no need to shutdown ).
So if we take this road, we should start to see if we need to encrypt
them as well. The downside is that we would need to connect to ssh to
enter the password by hand in case of power failure ( like by ssh ).
Not sure if we want to take this road, and if this will not be more
hassle than worth.
More information about the Mageia-sysadm