Results 1 to 2 of 2
I'm currently choosing the strategy for encrypting the backups of the application I work on, and I spent the last couple of hours googling around.
Now, since I'm using mysqldump ...
- 06-15-2009 #1Just Joined!
- Join Date
- Jun 2009
- Posts
- 3
Opinion on encryption strategy
I'm currently choosing the strategy for encrypting the backups of the application I work on, and I spent the last couple of hours googling around.
Now, since I'm using mysqldump (for now) on the server, whose results are sent to an offline location, I'd like to use something along the lines of
mysqldump my_database | magic_encryption > dump.sql.enc
this would be a requirement.
the other requirement is of course, an encryption strong enough for confidential data.
now, the strategy I chose is this:
* generation of a gpg keyring on the server, using a phony recipient, using a 2048 bit ELwhatever algorithm
* move the secret keyring on a separate location (e.g. my desktop)
and now, I would schedule the dumps filtering through: 'gpg -r phony_recipitent --encrypt', and decode from my separate location using the keyring 'gpg --no-default-keyring --secret-keyring /my-secret-keyring.gpg --decrypt'
is this an appropriate choice for the encryption, from the perspectives of speed, simplicity and safety?
thanks!
saverio
- 06-17-2009 #2Linux Guru
- Join Date
- Jul 2007
- Location
- California
- Posts
- 1,958
I think that should be fine. You can also set up an encrypted partition using something like cryptkeeper but your method should be fine
Bodhi 1.3 & Bodhi 1.4 using E17
Dell Studio 17, Intel Graphics card, 4 gigs of RAM, E17
"The beauty in life can only be found by moving past the materialism which defines human nature and into the higher realm of thought and knowledge"
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts