| 1 |
* Rich Freeman <rich0@g.o> [150509 09:00]: |
| 2 |
[..SNIP..] |
| 3 |
> One thing you can't cheaply do with Amazon is verify your backups. |
| 4 |
> Duplicity will happily check the data files against the manifest |
| 5 |
> hashes with a simple command, but it will cost you 10c/GB for whatever |
| 6 |
> you verify, since it will need to be transferred out. I guess another |
| 7 |
> option is to launch an EC2 instance with duplicity on it and have it |
| 8 |
> do the verify. That would be an internal Amazon transfer which is |
| 9 |
> both free and much faster, but it will cost you a few cents per hour |
| 10 |
> for the CPU time. I also don't know if duplicity can verify a backup |
| 11 |
> without the encryption keys - if it can't then you'll have to upload |
| 12 |
> your keys to EC2 which means Amazon could read your backups if they |
| 13 |
> wanted to. Otherwise duplicity is encrypting locally and all Amazon |
| 14 |
> does is store a bunch of encrypted data and regurgitate it on demand. |
| 15 |
> |
| 16 |
> -- |
| 17 |
> Rich |
| 18 |
|
| 19 |
Thanks for the great post Rich. |
| 20 |
|
| 21 |
As for keys, you could use Amazon's AWS Key Management Service. |
| 22 |
Of course they could be sitting there gathering keys, but at some point |
| 23 |
you either have to trust they'll do what they say or simply decide not |
| 24 |
to use them at all (IMNHO.) |
| 25 |
|
| 26 |
You could also use AWS Key Management for backup data you want |
| 27 |
"reasonably" secured and then your own keys for data you want more |
| 28 |
highly secured (hopefully much smaller so the verify costs are more |
| 29 |
reasonable.) |
| 30 |
|
| 31 |
Todd |
Archives