To be almost 100% that your data is secure, and I said almost because you are never 100% secure! Ok, Here we will see how to use together ssh (scp) and duplicity to encrypt your backed up data and to copy it to another server using an encrypted tunnel. <h3>Pre-requisites</h3> Your will need:

  • gpg
  • duplicity
  • ssh keys on the backing server http://linux.go2linux.org/node/16

<h3>Installing the software</h3> This is tested on Debian and Ubuntu, but should be distro independent To install duplicity run:

apt-get duplicity

<h3>Generating the key</h3>

To generate the key you will use for encrypt your backup run:

gpg –gen-key

Enter all the info it asks, and the passphrase, (Do not forget the passphrase or you will never be able to recover your data)

<h3>Backup your files to another server</h3>

In this example I will back up my home directory into a second server

First we need to see the available keys

gpg –list-key

This could be the output pub 1024D/87819492 2007-03-18 uid Name Last_Name (Comment) email@your_domain.com sub 2048g/2DBF4EB5 2007-03-18

Now export the passphrase to an enviroment variable

export PASSPHRASE=your_passphrase

and run the command to backup

duplicity –encrypt-key “87819492” –sign-key “87819492” /home/user/ scp://user@other.server//home/user/backup/

<H3>Restore the backup</h3>

duplicity –encrypt-key “87819492” –sign-key “87819492” scp://user@other.server//home/user/backup/ /home/user/

You are done, all your back is secured. <h4>Do not forget the passphrase</h4>