The Encrypt Extension is a Cedar Backup extension used to encrypt backups. It does this by encrypting the contents of a master's staging directory each day after the stage action is run. This way, backed-up data is encrypted both when sitting on the master and when written to disc. This extension must be run before the standard store action, otherwise unencrypted data will be written to disc.
There are several differents ways encryption could have been built in to or layered on to Cedar Backup. I asked the mailing list for opinions on the subject in January 2007 and did not get a lot of feedback, so I chose the option that was simplest to understand and simplest to implement. If other encryption use cases make themselves known in the future, this extension can be enhanced or replaced.
Currently, this extension supports only GPG. However, it would be straightforward to support other public-key encryption mechanisms, such as OpenSSL.
If you decide to encrypt your backups, be absolutely sure that you have your GPG secret key saved off someplace safe — someplace other than on your backup disc. If you lose your secret key, your backup will be useless.
I suggest that before you rely on this extension, you should execute a dry run and make sure you can successfully decrypt the backup that is written to disc.
Before configuring the Encrypt extension, you must configure GPG. Either create a new keypair or use an existing one. Determine which user will execute your backup (typically root) and have that user import and lsign the public half of the keypair. Then, save off the secret half of the keypair someplace safe, apart from your backup (i.e. on a floppy disk or USB drive). Make sure you know the recipient name associated with the public key because you'll need it to configure Cedar Backup. (If you can run gpg -e -r "Recipient Name" file.txt and it executes cleanly with no user interaction required, you should be OK.)
An encrypted backup has the same file structure as a normal backup, so
all of the instructions in Appendix C, Data Recovery apply.
The only difference is that encrypted files will have an additional
.gpg
extension (so
for instance file.tar.gz
becomes
file.tar.gz.gpg
). To recover decrypted data, simply
log on as a user which has access to the secret key and decrypt the
.gpg
file that you are interested in. Then, recover
the data as usual.
Note: I am being intentionally vague about how to configure and use GPG, because I do not want to encourage neophytes to blindly use this extension. If you do not already understand GPG well enough to follow the two paragraphs above, do not use this extension. Instead, before encrypting your backups, check out the excellent GNU Privacy Handbook at http://www.gnupg.org/gph/en/manual.html and gain an understanding of how encryption can help you or hurt you.
To enable this extension, add the following section to the Cedar Backup configuration file:
<extensions> <action> <name>encrypt</name> <module>CedarBackup2.extend.encrypt</module> <function>executeAction</function> <index>301</index> </action> </extensions>
This extension relies on the options and staging configuration
sections in the standard Cedar Backup configuration file, and then
also requires its own encrypt
configuration
section. This is an example Encrypt configuration section:
<encrypt> <encrypt_mode>gpg</encrypt_mode> <encrypt_target>Backup User</encrypt_target> </encrypt>
The following elements are part of the Encrypt configuration section:
encrypt_mode
Encryption mode.
This value specifies which encryption mechanism will be used by the extension.
Currently, only the GPG public-key encryption mechanism is supported.
Restrictions: Must be gpg
.
encrypt_target
Encryption target.
The value in this field is dependent on the encryption mode.
For the gpg
mode, this is the name of the
recipient whose public key will be used to encrypt the backup
data, i.e. the value accepted by gpg -r.