2
I have a large number(>50GB) of files I want to back up in encrypted form, and I don't trust the crashplan provided encryption for these files. I'm using ecryptfs
and doing this in my /etc/fstab
:
/sensitive /sensitive-enc ecryptfs defaults 0 0
So files in sensitive
are unencrypted for my local use, and files in /sensitive-enc
are encrypted versions of the files in sensitive
. I've added /sensitive-enc
to my CrashPlan, but their app cannot stat any of the files (apparently they only support fully kernel-space options). I can't change my backup provider, and I can't duplicate all of the files (e.g. encrypt and then back up)
Is there any way to either :
- Make this work as-is in CrashPlan?
- Use a different pass-through encryption that is kernel-only?
To clarify, I'm hoping to not encrypt the source material, but to use a pass-through encryption scheme
Buried deep in their terms of service is the admission that CrashPlan does indeed escrow your encryption keys. So you are right not to trust them. – Michael Hampton – 2014-08-31T16:07:41.567
Not for my sensitive data ;-) For my normal data, I enjoy the second layer of encryption that they provide but I don't rely on it – Hamy – 2014-08-31T17:44:53.457
Crashplan also supports providing it an certificate if you do that they don't have the ability but neither do you if you lose it – Ramhound – 2014-08-31T19:11:18.557
Unfortunately on a non-business plan you have to use the same authentication method for all computers--Trying to remotely setup my parents with certificate files is not an option, the escrow certificate + password took long enough ;-) – Hamy – 2014-08-31T23:35:14.027
For others coming later: Even if you provide your own private certificate file, you are trusting that the CrashPlan application is not uploading or storing it somewhere. I'm not that paranoid about this specific data, I would happily use self-provided certs if I didn't have other family members on this plan, but I think it's important for others to realize that they are still trusting Code42 even if they self-provide – Hamy – 2014-09-02T22:17:52.800