[Discuss] encryption and rsync
Tom Metro
tmetro+blu at gmail.com
Mon Jul 16 01:59:26 EDT 2012
Richard Pieri wrote:
> I just started experimenting with client-side EncFS and running rsync or
> unison on the underlying native file system. ... Sync underneath EncFS
> compares encrypted file to encrypted file...
According to:
http://en.wikipedia.org/wiki/Encfs
Two directories are involved in mounting an EncFS filesystem: the
source directory, and the mountpoint. Each file in the mountpoint has
a specific file in the source directory that corresponds to it. The
file in the mountpoint provides the unencrypted view of the one in the
source directory. Filenames are encrypted in the source directory.
So you're syncing the encrypted files in the source directory. That
makes a lot more sense than using an encryption technology that just
creates an opaque image file.
But I'm assuming that EncFS isn't doing anything to assist the syncing
of partial files, so your minimum transfer is a full file.
I've heard EncFS works well with services like DropBox. (I've also heard
of people using TrueCrypt with DropBox, which doesn't make much sense to
me.)
> ...so it doesn't have the encrypt everything overhead that rsyncrypto
> incurs...
I have a vague recollection that rsyncrypto does something to address
this, but it has been quite a few years since I looked at it closely.
One of the ways this can be addressed is to locally store an index of
file checksums, and only when you have a checksum mismatch, you process
the file. (With some effort this could be carried to finer granularity.)
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list