LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-30-2007, 06:09 AM   #1
rblampain
Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 7
Posts: 833

Rep: Reputation: 35
backup of files from encrypted disk


Probably a silly question, is a backup of files held on an encrypted hard disk also encrypted or are the files decrypted before being copied, for example, on a CD?

If the files are decrypted, can I also make the CD an encrypted drive? How?

Thank you for your help.
 
Old 09-30-2007, 06:28 AM   #2
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
The files are decrypted when the backup program reads the files. If you want the backup to be encrypted then you have to copy them to an encrypted medium. For example when I back up my encrypted partition I mount an external USB drive with an encrypted partition. Then I back up the files from their working location onto the encrypted partition on the external drive.

If you want to have an encrypted CD then you will have to make an encrypted container file that will fit on the CD, bind that to a loop device, make a file system in the loop device, mount the loop device, back up your files into the container file, unmount it, and copy the container file onto the CD. Keep in mind that a normal data CD has a file size limit. If you want to use the entire 4.7 GB of space you may need to convert the container file to an ISO 9660 image.

There are threads on this web site for using loop devices and container files.

Last edited by stress_junkie; 09-30-2007 at 06:32 AM.
 
Old 09-30-2007, 06:30 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,165
Blog Entries: 54

Rep: Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807Reputation: 2807
//Sorry, didn't see stress_junkie's reply when I posted.

Quote:
Originally Posted by rblampain View Post
Probably a silly question, is a backup of files held on an encrypted hard disk also encrypted or are the files decrypted before being copied
Generally speaking if you use OTF disk encryption that works kind of like a VFS layer then if you have access and copy files from the live filesystem they would be unencrypted. OTOH if you talk taking 'dd' type of backups you're below VFS layers and it wouldn't be.


Quote:
Originally Posted by rblampain View Post
If the files are decrypted, can I also make the CD an encrypted drive?
AFAIK not. A CDRW itself does not have a concept of filesytems other than what it needs to write, so you would need an intermediate step to encrypt contents. For instance using EncFS (note it doesn't provide the strongest encryption around) you could make a directory, encfs-mount it, copy contents over, unmount it, 'mkisofs' the dir, then write. Once written you can encfs-mount the dir on the CDR and access files transparently. Regardless the FS you use, make sure you give thought to wiping/shredding used files anyway.

Last edited by unSpawn; 09-30-2007 at 07:45 AM.
 
Old 10-01-2007, 12:01 AM   #4
rblampain
Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 7
Posts: 833

Original Poster
Rep: Reputation: 35
Thank you both for your answers, I am learning a lot.

I only knew of the existence of encrypted disk but now I am wondering, if the extraction of the data from such a disk automatically gives unencrypted data, what is the point of encrypting the disk?

There must be something I am missing since, in my view, if the disk drive falls into the wrong hands, anybody can read it.

It looks like a script that makes a "dd" then an iso9660 of the resulting file should be the answer.

Can the automation of such a process result in an easy job for an operator or is it inevitably complex?

I am thinking this task can only be easy if it is possible to pre-label them (externally) and give the CDs a sort of individual identity when they are written so that each CD is easily identifiable by the backup/restore procedure.

If this is complicated, perhaps I should consider backing up to an encrypted hard drive rather than a CD.

I would appreciate your views very much.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How safely encrypted are my files? make Linux - Security 4 11-04-2006 05:02 AM
LXer: Network based (encrypted) backup in 15 minutes LXer Syndicated Linux News 0 06-28-2006 01:21 PM
writing encrypted data to disk rblampain Linux - Security 14 07-31-2005 11:38 PM
disk to disk backup for debian/Mempis on bootable cd-- advice loninappleton Linux - Software 3 05-27-2005 01:00 AM
can I backup a root disk and boot from the new backup disk linuxbkp Linux - Enterprise 3 10-15-2004 06:42 PM


All times are GMT -5. The time now is 07:02 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration