blog:create_encrypted_tar_files
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
| blog:create_encrypted_tar_files [2010-05-26 10:11] – brb | blog:create_encrypted_tar_files [2010-05-26 10:28] – brb | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Create encrypted tar files ====== | + | ====== Create encrypted tar backups and store them on the amazon S3 cloud ====== |
| - | | + | |
| + | Amazon S3 provides unlimited storage at low prices, which makes it an ideal solution for storing backups. But to make use of it, you need a piece of software that can actually interact with Amazon S3: create buckets, list the contents of a bucket, upload and download | ||
| + | |||
| + | ===== Perparations | ||
| + | |||
| + | Before you proceed, you should install the curl utility. On Ubuntu, you can do this using the sudo apt-get install curl command. Next, grab the latest version of the aws script: | ||
| + | |||
| + | curl timkay.com/ | ||
| + | |||
| + | Make it then executable and copy it to the /usr/bin directory: | ||
| + | |||
| + | chmod +x aws | ||
| + | sudo cp ~/aws /usr/bin/ | ||
| + | |||
| + | Create then an .awssecret file and open it in a text editor like nano: | ||
| + | |||
| + | nano .awssecret | ||
| + | |||
| + | Enter your Amazon AWS credentials (the Access Key ID and the Secret Access Key) as follows: | ||
| + | |||
| + | 1B5JYHPQCXW13GWKHAG2 | ||
| + | 2GAHKWG3+1wxcqyhpj5b1Ggqc0TIxj21DKkidjfz | ||
| + | |||
| + | Save the file and change its permissions: | ||
| + | |||
| + | chmod 600 .awssecret | ||
| + | |||
| + | aws is now ready to go. To create a bucket for your backup use the aws mkdir command (replacing BUCKET with the actual name): | ||
| + | |||
| + | aws mkdir BUCKET | ||
| + | |||
| + | ===== Create and upload the backup file ===== | ||
| + | |||
| + | Next, create an encrypted tarball of the directory you want to back up using the tar tool: | ||
| + | | ||
| + | |||
| + | Finally, upload the created archive to the created bucket: | ||
| + | |||
| + | < | ||
| + | aws put BUCKET/ | ||
| + | </ | ||
| + | |||
| + | The best part is that you don't have to do this manually every time you want to back up a certain directory. Here is a sample script that backs up photos stored on the local hard disk: | ||
| + | |||
| + | < | ||
| + | tar -zcf – todays_backup|openssl enc -aes-256-cbc -salt -pass pass: | ||
| + | aws put BUCKET/ | ||
| + | </ | ||
| Replace yourpassword with a password of your own. Keep the password to yourself, and keep it carefully. The above command will generate a file called todays_backup.tgz.aes-256-cbc. This file can only be decompressed using this password. | Replace yourpassword with a password of your own. Keep the password to yourself, and keep it carefully. The above command will generate a file called todays_backup.tgz.aes-256-cbc. This file can only be decompressed using this password. | ||
| - | To extract your protected archive | + | ===== Retrieve and decrypt a backup |
| + | Of course, you have to make sure that you can actually retrieve and decrypt your backup files. Test if this works, preferably with a small file: | ||
| + | |||
| + | Retrieve | ||
| + | aws get BUCKET/ | ||
| - | | + | To extract your protected archive file use the following command: |
| + | | ||
| + | Ref: http:// | ||
| Ref: http:// | Ref: http:// | ||
blog/create_encrypted_tar_files.txt · Last modified: 2010-05-26 10:31 by brb