# Encrypted off-site backup [Solved]

## Telemin

Hi all,

I will soon be taking out a reseller hosting plan to serve a few websites for family and friends, and at the same time I was considering using some portion of the web space as an off-site backup of some of my own important documents.  To this end I am looking for a simple way of keeping encrypted versions of my documents stored on the server, but such that they can be updated differentially i.e only updating an individual file when it is altered, rather than uploading a single encrypted image.

So far google has turned up anything that seems to fit my criteria, does anyone know of an application that will do what I am looking for?

Thanks in advance

-Freestyling-

----------

## pgf

You may have considered this already, but the simplest method I can think of is to use something like amanda to maintain a local repository of encrypted backup files, then mirror this to the hosting site. You don't say what facilities are available at the hosting site o I am assuming just ftp of some sort. This approach has the advantage of keeping two copies of your backups, one of which is available even if the hosting site is not.

----------

## WackyDoo

What about something like duplicity (http://duplicity.nongnu.org/features.html)  which encrypts before it syncs it to a remote folder?

Otherwise, you could use encfs, and mirror the encrypted directory to a remote folder using services like dropbox or wuala for the offsite storage.Last edited by WackyDoo on Fri Dec 11, 2009 9:33 pm; edited 1 time in total

----------

## richard.scott

Duplicity already encrypts any data stored on a remote server, so encfs won't be needed.

I run it with Amazon S3 as my remote storage and its great  :Smile: 

Rich

----------

## Telemin

Thanks for the suggestions guys.  Duplicity seems to be just what I am looking for.

-Freestyling-

----------

## richard.scott

Don't forget to test your backups and make sure you can restore from it... duplicity can be a bit picky with paths used when restoring etc. Join their mailing list if you get stuck as there are some really good people on there (including Ken, the lead dev).

Also, don't do too many incremental backups betweek your full backups... I do a full backup once a week as this keeps the chain short. The chain is "full -> inc -> inc -> inc". If one of your incremental backups is corrupted on transfer then everything after that will also be corrupt.

Also, if you don't want to use PGP you don't have to set it up, you can use an environment variable to set a password too.

Rich

----------

