Find the answer to your Linux question:
Results 1 to 5 of 5
Hello, im making backups of sensitive data to my VPS, i cant trust owner of the VPS node fully. So i got an idea on which i need Your comments. ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    314

    Modifying tar.gz / tar file to prevent extraction?


    Hello,

    im making backups of sensitive data to my VPS, i cant trust owner of the VPS node fully.
    So i got an idea on which i need Your comments.

    I can zip file with password, but i just discovered zip may not pack files larger 2gb, got some error like
    "zip warning: name not matched: /backup/incremental/accounts/yzbuutpo/homedir/public_html/wp-content/themes/twentytwelve/bomba1/dovecot"

    so i got idea renaming my backups to something uninteresting and without tar.gz extension.
    and another level of protection - can i anyhow edit the archive easilly so non professional dont recognize what file type it is and also make it corrupted for extraction by editting somehow easilly archive content? If anyone point to a guide, im linux amateur? Thank you

    PS i assume i can also use openssl to encrypt archive, but i think it would eat alot of resources to encrypt like 15gb file..
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  2. #2
    Linux Enthusiast
    Join Date
    Jan 2005
    Location
    Saint Paul, MN
    Posts
    636
    Encrypt the tarball with GPG using your public key (the private key would be required to de-crypt the tall ball) and do not loss your private key.

  3. #3
    Linux Engineer docbop's Avatar
    Join Date
    Nov 2009
    Location
    Woodshed, CA
    Posts
    926
    We did something like this for our datbase backups so could they be transfered to development servers and off-site storage. We did a mysql dump, then made that into a compress tarball, then encripted the tarball with openssl. Made for small encryped DB copies that we could keep many copies for archival purposes.
    A lion does not lose sleep, over the opinion of sheep.

  4. #4
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    314
    Quote Originally Posted by alf55 View Post
    Encrypt the tarball with GPG using your public key (the private key would be required to de-crypt the tall ball) and do not loss your private key.
    please what is the command to do this?
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  5. #5
    Linux Enthusiast
    Join Date
    Jan 2005
    Location
    Saint Paul, MN
    Posts
    636
    gpg -- GNU Privacy Guard (open source) (closed source would be PGP currently owned by Symantec). This technology is about 25 years old. But you would not know it by the lack of people that know of the products (commercial or open sourced).

    https://www.gnupg.org/ or within your packaging environment. cheatsheet: GPG Cheat Sheet


    [soapbox]
    Pretty Good Privacy (PGP), a freeware program released in June 1991 after a six-month unpaid effort by Philip Zimmermann. He latter formed a company and it became commercial software.
    [/soapbox]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •