[borgbackup] borgbackup 0.25.0 released
Marc Haber
mh+borgbackup at zugschlus.de
Mon Aug 31 06:45:54 EDT 2015
On Mon, Aug 31, 2015 at 12:27:40PM +0200, Thomas Waldmann wrote:
> > thanks for keeping the development running. A few questions about
> > compression: Is there any reason why xz compression is not (yet)
> > supported?
>
> It is, see "lzma".
At least on Linux, lzma is different from xz.
> > Is the compression done on the client or on the server?
>
> Client-side (must be first compressed, then encrypted, then transmitted).
Sounds fair enough. When thinking about it, the server only sees the
encrypted data stream and thus cannot compress any more. Stupid me.
> > And while I'm asking, are there plans to add a connection scheme that
> > allows the TCP connection to go from the server (the machine holding
> > the actual backup) to the client (the machine being backed up)? There
> > are places with a security policy that says "no connections to the
> > backup server". One possible solution would be a "ssh
> > -R10222:localhost:22 client borg create foo" with the repository being
> > on "localhost:10022" so that the connection from the client to the
> > server is tunneled through the outgoing ssh session from the server.
>
> Well, sounds interesting.
>
> Doesn't help 100% against the "hacked production server" issue (see that
> ticket in the issue tracker), though, as at specific times, the client
> will be able to connect to the server (through localhost:10022) and do
> whatever it wants, right?
Yes, but there are some things that need to be done. ;-) I trust ssh
enough so that a borgbackup account that has its authorized_keys
restricted to "borg serve --restrict-to-path" is secure enough. It's
just that many security/firewall people will open a can of worms if
connections go the wrong direction.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Borgbackup
mailing list