[Borgbackup] Deduplication and encryption
Elladan
elladan at eskimo.com
Thu Aug 3 16:16:12 EDT 2017
On Tue, Jul 18, 2017 at 6:12 AM, Gigi Canuto <ghs.cnt at gmail.com> wrote:
>
> I am concerned about security and privacy, encryption is a must. Also
> because probably I'll need to backup a lot of machines I need deduplication
> and (eventually) compression.
> I wondered how Borg could handle deduplication and encryption together, so I
> asked this question on superuser.com forum.
> Could you please confirm that the answer is correct ?
The description on that web site is confusing. For more information,
see: https://borgbackup.readthedocs.io/en/stable/
So make it simple, the local machine doing the backup does the
encryption and deduplication. The remote server machine simply stores
the encrypted data but cannot decrypt it.
You can back up multiple machines this way, but there are two caveats:
First, each local machine has to use the same encryption key, which
means that any of the machines can read the other machines' data. Only
the remote storage machine is secure.
Second, each local machine needs to maintain a cache index to do the
deduplication. This is done automatically for you, but takes some
extra time to rebuild every time you switch machines. It also takes up
some space on each machine.
Depending on your needs, it's possible to back up via network file
systems and the like which may help in some scenarios.
More information about the Borgbackup
mailing list