I asked the guys that came to talk about Amanda (thanks to the U and Sistina) and one of them said it is possible to tightly control which range of ports Amanda uses to communicate over the network. If you use ssh to forward those ports, you have an encrypted backup. Kludgy and untested, but it seems plausible. Anybody ever try this sort of thing? Troy Carl Wilhelm Soderstrom wrote: > > > http://utcc.utoronto.ca/~pkern/stuff/amanda-patch/ > > > > Other references that I've found so far seem to indicate that encryption > > will be enabled in the 2.5.x series of Amanda, but I don't know when > > that will appear. > based on what I saw of the developers' presentation, 2.5 is the technology of the future; always has been, always will be... ;> > > the current thinking is to run the traffic over a VPN tunnel of some sort. > > > (Apparently, Linux's dump(8) program can handle SSH, just FYI.) > really? I looked at it a while ago, and didn't think it handled SSH at the time. cool that it does. > now we just need to get SSH support into 'tar'. (it already will work over the r* connection) > > >Would you recommend Amanda (apart from the encryption issue)? > depends what you want to do with it. > for casual users and those who have tape drives on each machine; I think it's entirely more complex than it needs to be. plain scripts using dump or tar (or cpio or afio) are much simpler and easier to understand. > when doing backups/restores over a network, tho; it starts to make sense. this is what it's primarily designed to do; and has a lot of intelligent and useful features for this (local caching before writing to disk, intelligent scheduling). > when dealing with an enterprise-scale environment; it's very good. it would seem to work well with tape changers, and the massively parallelizable, balanceable, and configurable network backup capabilities make it more than adequate. > > that said, I have no experience with Legato or Veritas' products; so I don't know how well it compares to them. > > Carl Soderstrom > ------------------------------------------------------- > Network Engineer > Real-Time Enterprises > (612) 943-8700 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org > For additional commands, e-mail: tclug-list-help at mn-linux.org -- Troy Johnson mailto:john1536 at tc.umn.edu http://umn.edu/~john1536/ When he gets older, I'd tell him he used to have a brother, but he didn't obey. -- Stephen Wright --------------------------------------------------------------------- To unsubscribe, e-mail: tclug-list-unsubscribe at mn-linux.org For additional commands, e-mail: tclug-list-help at mn-linux.org