[H-GEN] Encrypting a tar backup

Jason Parker-Burlingham jasonp at uq.net.au
Wed Oct 23 01:34:38 EDT 2002 

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

"Harry Phillips" <hphillips at 4ward.com.au> writes:

> I have created a script that creates a compressed tar file for the
> contents of certain directories, creates an ISO from that file, blanks
> the CD-RW in the drive and then burns the ISO to the CD.
> 
> What I am concerned about is if the CD fell into the wrong hands. I want
> to be able to see the file on the CD but be unable to extract the
> contents without a password.

Well, probably the best program to use is gpg, either with some public
and private key infrastructure, or in the 3DES encryption mode (the
two are slightly different; I'll try to explain if you or someone else
asks).

Beware of snake oil!  There are a _LOT_ of well-meaning and perhaps
not so well-meaning companies and individuals out there that will try
to sell you `encryption' that is utterly worthless.

The trick is managing the private keys (or 3DES decryption keys) in a
sensible manner, since this becomes data that needs to be backed up,
disseminated, and perhaps changed as people come into and leave your
organization, etc.  It's a tricky business, even more so when you
consider that

        (a) if you lose the decryption key(s), some or all of your
        backups are utterly useless; and

        (b) the decryption key(s) cannot be backed up on the same
        media as the backups themselves.

There are other things to consider (I can think of another two just
sitting here) but those are a good starting point.

On the whole, it *may* be better to simply ensure[1] the CDs never
fall into the wrong hands!  I stress it *may* be.  I don't know.

I suppose my full advice would be to fully investigate the effects of
what you are about to do before doing it.  There is a (perhaps
apocryphal) story of a company that hired security experts to audit
it; said experts hung about for a week, and then simply stole the
backup tapes from the secretary's desk as they waited to be collected
by the end-of-week courier.

> PS Do you know how hard it is searching Google using the terms 'tar
> password backup protect gzip linux' and find a page that doesn't list a
> file available for download called 'xxxx.tar.gz'

Perhaps using the phrase "GNU tar" would help?  In any event, what you
want is information on how to encrypt a *file*, since no encryption
worth its salt will depend on the fact that it is encrypting a tar
file.

jason

[1] : Yes, I *know* this can never be ensured; the point is to
      estimate the cost if the data is successfully stolen, and then
      work out how much it will cost to make that unlikely, for some
      value of unlikely.  (ie it is pointless to spend $50k protecting
      the data if the cost of theft is only $5k, say.)
-- 
||----|---|------------|--|-------|------|-----------|-#---|-|--|------||
| ``Ooooaah!                                                            |
|   I'm getting so excited about cheese-making I can't stand it!''      |
||--|--------|--------------|----|-------------|------|---------|-----|-|

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/

More information about the General mailing list