recovering corrupt, encrypted tar data from tape
I'm looking into building a backup system for my home network, and I want to encrypt all of my tape backups.
I haven't done much with tape backup before, but I know that tar was designed to send a stream of data to a tape. Correct me if I'm wrong, but it's my understanding that--because of the way tar works--it's relatively simple to restore data from tapes when a fraction of the data pulled off the tape is corrupted.
Now, if I was to send _encrypted_ data to a tape, would it still be possible to restore corrupted data in such a way? If so, would it be significantly more difficult?
Cheers and TIA!
I was waiting for someone else to respond first, but nobody is; so, I'll jump in even though I haven't had to deal with recovering a corrupted encrypted backup myself.
I think if a backup is encrypted, and there is some corruption in the backup on disk or on tape, it will be much harder to recover. The corruption, instead of just being the particular bits that are corrupted will affect larger segments of the data, dependent on the algorithm. I tried finding some references through google, and it turned out to be a difficult search. There are just some indications in the following links. Towards the end on both.
http://www.truecrypt.org/faq <-- scan down that page for "corrupt"
If I were doing this, I would break up the backup into smaller pieces. For example, if you had a large drive that you were backing up, I wouldn't even think of doing a single tar of the whole thing and then encrypting it. Break it up logically into smaller pieces, directories, and back those up separately. You could easily script that, and most backup software will have some means of doing that. In Amanda for example, you set up a disklist file, and the lines in that file (referred to as DLE's or DiskList Entries) specify something that is to be backed up and how. It can use gnu tar, and it can encrypt backups.
I would also make sure I had multiple backups at any given time. If one is damaged or corrupted, you will have another to go to. At home I'm more lax about that. At work, I have 6 weeks plus periodic archives of nightly backups with at least one full each week. I'm also beginning to use ZFS, which gives me better reliability in my file systems.
|All times are GMT -5. The time now is 03:44 PM.|