1 |
* Rich Freeman <rich0@g.o> [150509 09:00]: |
2 |
[..SNIP..] |
3 |
> One thing you can't cheaply do with Amazon is verify your backups. |
4 |
> Duplicity will happily check the data files against the manifest |
5 |
> hashes with a simple command, but it will cost you 10c/GB for whatever |
6 |
> you verify, since it will need to be transferred out. I guess another |
7 |
> option is to launch an EC2 instance with duplicity on it and have it |
8 |
> do the verify. That would be an internal Amazon transfer which is |
9 |
> both free and much faster, but it will cost you a few cents per hour |
10 |
> for the CPU time. I also don't know if duplicity can verify a backup |
11 |
> without the encryption keys - if it can't then you'll have to upload |
12 |
> your keys to EC2 which means Amazon could read your backups if they |
13 |
> wanted to. Otherwise duplicity is encrypting locally and all Amazon |
14 |
> does is store a bunch of encrypted data and regurgitate it on demand. |
15 |
> |
16 |
> -- |
17 |
> Rich |
18 |
|
19 |
Thanks for the great post Rich. |
20 |
|
21 |
As for keys, you could use Amazon's AWS Key Management Service. |
22 |
Of course they could be sitting there gathering keys, but at some point |
23 |
you either have to trust they'll do what they say or simply decide not |
24 |
to use them at all (IMNHO.) |
25 |
|
26 |
You could also use AWS Key Management for backup data you want |
27 |
"reasonably" secured and then your own keys for data you want more |
28 |
highly secured (hopefully much smaller so the verify costs are more |
29 |
reasonable.) |
30 |
|
31 |
Todd |