Bernhard Brunner's Blog

User Tools

Site Tools

You are here: start » blog » create_encrypted_tar_files
blog:create_encrypted_tar_files

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
blog:create_encrypted_tar_files [2010-05-26 10:19] brbblog:create_encrypted_tar_files [2010-05-26 10:31] (current) brb
Line 1: Line 1:
 ====== Create encrypted tar backups and store them on the amazon S3 cloud ====== ====== Create encrypted tar backups and store them on the amazon S3 cloud ======
  
-Amazon S3 provides unlimited storage at low prices, which makes it an ideal solution for storing backups. But to make use of it, you need a piece of software that can actually interact with Amazon S3: create buckets, list the contents of a bucket, upload and download files, etc. And aws, a simple command-line utility written in Perl, is the perfect tool for the job. You might wonder why not use a GUI-based application like Jungle Disk? For two simple reasons: as a CLI-based tool, aws is light on resources and it can be easily scripted.+Amazon S3 provides unlimited storage at low prices, which makes it an ideal solution for storing backups. But to make use of it, you need a piece of software that can actually interact with Amazon S3: create buckets, list the contents of a bucket, upload and download files, etc. And aws, a simple command-line utility written in Perl, is the perfect tool for the job.  
 + 
 +===== Perparations =====
  
 Before you proceed, you should install the curl utility. On Ubuntu, you can do this using the sudo apt-get install curl command. Next, grab the latest version of the aws script: Before you proceed, you should install the curl utility. On Ubuntu, you can do this using the sudo apt-get install curl command. Next, grab the latest version of the aws script:
Line 29: Line 31:
   aws mkdir BUCKET   aws mkdir BUCKET
  
-Next, create a tarball of the directory you want to back up using the tar tool:+===== Create and upload the backup file =====
  
-  tar -pvczf tmp/dir.tar.gz /path/to/dir+Next, create an encrypted tarball of the directory you want to back up using the tar tool: 
 +  tar -zcf - todays_backup|openssl enc -aes-256-cbc -salt -pass pass:yourpassword -out todays_backup.tgz.aes-256-cbc
  
 Finally, upload the created archive to the created bucket: Finally, upload the created archive to the created bucket:
  
-aws put BUCKET/dir.tar.gz /path/to/dir.tar.gz+<code> 
 +aws put BUCKET/dir.tar.gz /path/to/todays_backup.tgz.aes-256-cbc 
 +</code>
  
 The best part is that you don't have to do this manually every time you want to back up a certain directory. Here is a sample script that backs up photos stored on the local hard disk: The best part is that you don't have to do this manually every time you want to back up a certain directory. Here is a sample script that backs up photos stored on the local hard disk:
  
-  #!/bin/bash +<code> 
-  cd /home/user/ +tar -zcf – todays_backup|openssl enc -aes-256-cbc -salt -pass pass:yourpassword -out todays_backup.tgz.aes-256-cbc 
-  tar -pvczf Photos.tar.gz Photos +aws put BUCKET/todays_backup.tgz.aes-256-cbc /path/to/todays_backup.tgz.aes-256-cbc 
-  aws put BUCKET/Photos.tar.gz Photos.tar.gz+</code> 
  
 +Replace yourpassword with a password of your own. Keep the password to yourself, and keep it carefully. The above command will generate a file called todays_backup.tgz.aes-256-cbc. This file can only be decompressed using this password.
  
 +===== Retrieve and decrypt a backup file =====
 +Of course, you have to make sure that you can actually retrieve and decrypt your backup files. Test if this works, preferably with a small file:
  
-  # tar -zcf – todays_backup|openssl enc -aes-256-cbc -salt -pass pass:yourpassword -out todays_backup.tgz.aes-256-cbc +Retrieve the file from S3
- +  aws get BUCKET/todays_backup.tgz.aes-256-cbc 
-Replace yourpassword with a password of your own. Keep the password to yourself, and keep it carefully. The above command will generate a file called todays_backup.tgz.aes-256-cbc. This file can only be decompressed using this password. +
- +
-To extract your protected archive file todays_backup.des3 use the following command:+
  
-  # openssl enc -d -aes-256-cbc -out todays_backup.tgz+To extract your protected archive file use the following command: 
 +  # openssl enc -d -aes-256-cbc -in todays_backup.tgz.aes-256-cbc -out todays_backup.tgz
  
-Ref: http://www.linux-magazine.com/Online/Blogs/Productivity-Sauce-Dmitri-s-open-source-blend-of-productive-computing/Perfect-Backup-Solution-with-Amazon-S3-and-aws +Ref: 
-Ref: http://www.simplehelp.net/2009/02/19/adding-encryption-to-protect-your-backups-on-linux/+  * http://www.linux-magazine.com/Online/Blogs/Productivity-Sauce-Dmitri-s-open-source-blend-of-productive-computing/Perfect-Backup-Solution-with-Amazon-S3-and-aws 
 +  http://www.simplehelp.net/2009/02/19/adding-encryption-to-protect-your-backups-on-linux/
  
  
blog/create_encrypted_tar_files.1274861955.txt.gz · Last modified: 2010-05-26 10:19 by brb