1
My home computer consists of a VMWare host running Linux Mint, and a number of VMWare clients.
I run backups every night that compress my VHDs to a removable hard drive.
I'd like to encrypt the compressed images. And I'd like to do so without including a password in my backup scripts.
I have several removable disks that I rotate through, and I take one to work, everyday, so I have an offsite copy. And I include a copy of my backup scripts on each backup disk, to make it easier for me to figure out what I need to do to do a restore.
My thought is that if I used public-key encryption, I could encrypt with the public key, and require the private key to decrypt, and then the backup scripts could run without needing a password.
(I'd keep either the private key, or the passphrase to the private key file, in my KeePass database, which I also write to my backup media.)
But the thing is - I'd want to run this self-contained, so I could decrypt the backups using nothing other than what was written to the backup disks. That is, if I use gpg, I would want a copy of gpg on the backup disks, that I could run by itself, without having to install or configure anything. (That is, no dependencies on ~/.gpgconf, etc.)
And I've not been able to figure out how to do this, using gpg. The manuals seem to assume that you're going to install and configure it for your current user, and I need to be able to run it when nothing of the sort has happened.
Any ideas on how to:
- Run gpg in an uninstalled mode, or
- how to do this using some other tool? (openssl?)
Added comments...
Why can I not just install gpg?
The problem is doing a restore.
Suppose I have a complete system failure, perhaps my house burned down and everything was destroyed.
So I'm starting a restore with a new computer, bare drives, and my most recent off-site backups.
What do I do?
I boot some version of Linux that can mount ext4 partitions off of a thumb drive, and start putting things back together.
I can't depend upon anything other than the basic system utilities and what I've put on the backup disks.
4Note: asymmetric encryption is not used to encrypt data, the amount that can be encrypted is limited to less than the key size and orders of magnitude slower than symmetric encryption. What is done is to encrypt the data with symmetric encryption such as AES and encrypt the symmetric key with asymmetric encryption. Essentially this is what gig does. Also note that an asymmetric or reasonable security will have a length of about 2048-bits (RSA) (which would be about 512 hex characters which is unwieldy to enter by hand.) – zaph – 2019-01-14T18:52:03.450
And, of course, my backups would be far longer than any reasonable RSA key size. – Jeff Dege – 2019-01-14T19:14:29.227
Remember, though, that these are scripted processes. I could have the script generate a symmetric key, use it to encrypt the VHD, then encrypt it with a public key and write it to the removable disk. – Jeff Dege – 2019-01-14T19:16:29.013
Why not just install gpg and some keys? You must trust the decrypting system, otherwise why put your decrypted backups there? Maybe a secure ssh connection to the backup system is another idea – Xen2050 – 2019-01-15T00:04:24.870
See my added comments – Jeff Dege – 2019-01-15T04:45:32.597
If you store the key for the backup with the backup you might jsut as well not encrypt it. Only using the system utilities is a noble goal but why do you assume that you won't have any kind of internet access? If that's the case how will you get an up to date Linux version? As for encryption why not just use LUKS/dm-crypt? – Seth – 2019-01-15T06:19:47.693
System Rescue CD has
gnupg
on its package list, which could be used tor restore. – garethTheRed – 2019-01-15T07:02:06.583The creation of the backups uses the public key, so I don't need the password in the scripts. The decryption of the backups uses the private key - which requires the passphrase - which is not on the backup media. – Jeff Dege – 2019-01-16T02:36:36.387