This is the scenario. I have a local server in the office that I want to back up programmatically (via a bash script) everyday to an external hard disk that I will bring home.
The data in the hard disk must be encrypted.
I can see three viable solutions for that and I am here to ask your opinions about which one will work best for my case.
solution 1: encrypt each and every file via the backup script before copying it on the hard disk
solution 2: encrypt the entire volume on the HD
solution 3: buy an external hard drive that offers hardware encryption
My goals are:
* the solution should be easy to implement
* I need to be able to copy the entire backup to HD without human intervention (only using a script)
* I need to be able to read the backup on the HD programmatically (there shouldn't be any human entering the password)
* decrypting the files should be fairly quick
* the backup written on HD must be as reliable as possible
Thanks in advance,
Daniele
Best Answer
I would suggest using TrueCrypt. You would create one large "container" file on the external hard drive. This file is actually an encrypted hard drive image that can be mounted under /mnt/ (for example).
To back it up, you would unmount the TrueCrypt volume and then simply back up the container file.
TrueCrypt is very robust. We have used it for years on very large file systems. You can also use its command-line program to script it, too.