Marc David Ronell wrote:
quote:

> Is there a good method to  use tar to create secure tape backups?  The
> goal is to  encrypt each file individually and  then put the encrypted
> file into the  archive.  Encrypting the archive would  seem to yield a
> fragile backup and is not desired.
>

Encrypting backups strikes me as a rather poor idea.  The last thing you
need is to be locked out of your backups when you need them.  Tapes are
offline when not being used anyways.  Maintain proper physical security
of your tape vault and that should take care of your security requirements.

Chris Mattern

[ Post a follow-up to this message ]

>>>>> "Chris" == Chris Mattern <syscjm@gwu.edu> writes:

Chris> Marc David Ronell wrote:[QUOTE] 
Chris> Encrypting backups strikes me as a rather poor idea.  The
Chris> last thing you need is to be locked out of your backups
Chris> when you need them.  Tapes are offline when not being used
Chris> anyways.  Maintain proper physical security of your tape
Chris> vault and that should take care of your security
Chris> requirements.

Most places I have been in  do not, unfortunately , have a tape vault.
Also, doesn't it seem silly  to have logins and password protection on
normal machine access, but not on backups?  If one cannot break into a
machine, it is trivial to borrow a recent backup tape.

Marc

[ Post a follow-up to this message ]

>>>>> "Chris" == Chris Mattern <syscjm@gwu.edu> writes:

Chris> Marc David Ronell wrote:[QUOTE] 
Chris> Encrypting backups strikes me as a rather poor idea.  The
Chris> last thing you need is to be locked out of your backups
Chris> when you need them.  Tapes are offline when not being used
Chris> anyways.  Maintain proper physical security of your tape
Chris> vault and that should take care of your security
Chris> requirements.

Most places I have been in  do not, unfortunately , have a tape vault.
Also, doesn't it seem silly  to have logins and password protection on
normal machine access, but not on backups?  If one cannot break into a
machine, it is trivial to borrow a recent backup tape.

Marc

[ Post a follow-up to this message ]

In article <m3fzjotj9s.fsf@cadence.glidepath.org>,
Marc David Ronell <marc_ronell@highstream.net> wrote:
quote:
 
>
>     Chris> Marc David Ronell wrote: 
>     Chris> Encrypting backups strikes me as a rather poor idea.  The
>     Chris> last thing you need is to be locked out of your backups
>     Chris> when you need them.  Tapes are offline when not being used
>     Chris> anyways.  Maintain proper physical security of your tape
>     Chris> vault and that should take care of your security
>     Chris> requirements.
>
> Most places I have been in  do not, unfortunately , have a tape vault.
> Also, doesn't it seem silly  to have logins and password protection on
> normal machine access, but not on backups?  If one cannot break into a
> machine, it is trivial to borrow a recent backup tape.


Any site that doesn't keep mission critical backups offsite in a tape
vault is asking for trouble.

Unless you take significant precautions to secure the passphrase (much
more than 8 characters, I would hope), those tapes will be useless if
the manager or whomever needs to do a restore without it.

Other than having to write your own backup system, I think you have way
to much time on your hands to worry about this.

Just get the backups running, the disaster recovery plan written and
tested, and a system performance and capacity planning monitor in place
by Friday.  _THEN_ you can work on encrypted backups...

--
DeeDee, don't press that button!  DeeDee!  NO!  Dee...

[ Post a follow-up to this message ]

In article <m3fzjotj9s.fsf@cadence.glidepath.org>,
Marc David Ronell <marc_ronell@highstream.net> wrote:
quote:
 
>
>     Chris> Marc David Ronell wrote: 
>     Chris> Encrypting backups strikes me as a rather poor idea.  The
>     Chris> last thing you need is to be locked out of your backups
>     Chris> when you need them.  Tapes are offline when not being used
>     Chris> anyways.  Maintain proper physical security of your tape
>     Chris> vault and that should take care of your security
>     Chris> requirements.
>
> Most places I have been in  do not, unfortunately , have a tape vault.
> Also, doesn't it seem silly  to have logins and password protection on
> normal machine access, but not on backups?  If one cannot break into a
> machine, it is trivial to borrow a recent backup tape.


Any site that doesn't keep mission critical backups offsite in a tape
vault is asking for trouble.

Unless you take significant precautions to secure the passphrase (much
more than 8 characters, I would hope), those tapes will be useless if
the manager or whomever needs to do a restore without it.

Other than having to write your own backup system, I think you have way
to much time on your hands to worry about this.

Just get the backups running, the disaster recovery plan written and
tested, and a system performance and capacity planning monitor in place
by Friday.  _THEN_ you can work on encrypted backups...

--
DeeDee, don't press that button!  DeeDee!  NO!  Dee...

[ Post a follow-up to this message ]

Marc David Ronell wrote:

Please don't email *and* post to the newsgroup; I had no idea that
this reply went to the newsgroup.  Just reply to the newsgroup
unless you have a need to talk to me privately.  Thank you.
quote:
 
> 
>
> Most places I have been in  do not, unfortunately , have a tape vault.


Really?  I've never worked in a data center that didn't have one.
quote:

> Also, doesn't it seem silly  to have logins and password protection on
> normal machine access, but not on backups?  If one cannot break into a
> machine, it is trivial to borrow a recent backup tape.


Trivial?  Once again, every place I've ever worked, only ops and the
admins had physical access to the backup tapes.  Frankly, if any user
can walk in and grab your backup tapes, you have no backups that you
can count on.  Even if they're encrypted, your user can still just
wipe the tape (or steal it).

Physical security of your machines and media is step one in securing
your servers.  Without that, you might as well not bother, because
you don't have any security.

Chris Mattern

[ Post a follow-up to this message ]

Marc David Ronell wrote:

Please don't email *and* post to the newsgroup; I had no idea that
this reply went to the newsgroup.  Just reply to the newsgroup
unless you have a need to talk to me privately.  Thank you.
quote:
 
> 
>
> Most places I have been in  do not, unfortunately , have a tape vault.


Really?  I've never worked in a data center that didn't have one.
quote:

> Also, doesn't it seem silly  to have logins and password protection on
> normal machine access, but not on backups?  If one cannot break into a
> machine, it is trivial to borrow a recent backup tape.


Trivial?  Once again, every place I've ever worked, only ops and the
admins had physical access to the backup tapes.  Frankly, if any user
can walk in and grab your backup tapes, you have no backups that you
can count on.  Even if they're encrypted, your user can still just
wipe the tape (or steal it).

Physical security of your machines and media is step one in securing
your servers.  Without that, you might as well not bother, because
you don't have any security.

Chris Mattern

[ Post a follow-up to this message ]

>> "Marc" == Marc David Ronell <marc_ronell@highstream.net> writes:

The backup plan  is in place and weekly backups  are running, which is
enough to  suit the requirements.  Recovery  is not a  problem and has
been tested.  Concerns about passwords are not an issue either.

I am at the stage where I  would like to encrypt the backup, but still
keep the backup tape resilient  enough for proper recovery if one file
on the tape gets hosed.

Has anyone accomplished secured tar'ed backups to tape?

Thanks,

marc

[ Post a follow-up to this message ]

>> "Marc" == Marc David Ronell <marc_ronell@highstream.net> writes:

The backup plan  is in place and weekly backups  are running, which is
enough to  suit the requirements.  Recovery  is not a  problem and has
been tested.  Concerns about passwords are not an issue either.

I am at the stage where I  would like to encrypt the backup, but still
keep the backup tape resilient  enough for proper recovery if one file
on the tape gets hosed.

Has anyone accomplished secured tar'ed backups to tape?

Thanks,

marc

[ Post a follow-up to this message ]

Marc David Ronell wrote:
quote:
 
>
> The backup plan  is in place and weekly backups  are running, which is
> enough to  suit the requirements.  Recovery  is not a  problem and has
> been tested.  Concerns about passwords are not an issue either.
>
> I am at the stage where I  would like to encrypt the backup, but still
> keep the backup tape resilient  enough for proper recovery if one file
> on the tape gets hosed.
>
> Has anyone accomplished secured tar'ed backups to tape?


Seriously, I'd would be much, much more concerned that it is "trivial"
for your users to borrow your backups than anything to do with
encryption.  Properly securing your tapes would do everything
encryption could do and would accomplish a lot encryption will not.

Chris Mattern

[ Post a follow-up to this message ]