Musings on ZFS Backup strategies

[Karl Denninger]

On 3/1/2013 1:25 PM, kpneal at pobox.com wrote:
> On Fri, Mar 01, 2013 at 09:45:32AM -0600, Karl Denninger wrote:
>> I rotate the disaster disks out to a safe-deposit box at the bank, and
>> they're geli-encrypted, so if stolen they're worthless to the thief
>> (other than their cash value as a drive) and if the building goes "poof"
>> I have the ones in the vault to recover from.  There's the potential for
>> loss up to the rotation time of course but that is the same risk I had
>> with all UFS filesystems.
> What do you do about geli keys? Encrypted backups aren't much use if
> you can't unencrypt them.
I keep them in my head.  Even my immediate family could not guess it;
one of the things I mastered many years ago was "algorithmic" and very
long passwords that are easy to remember but impossible for someone to
guess other than by brute force, and if long enough that becomes
prohibitive for the guesser.

If I needed even better I'd keep the (random part of the) composite key
on an external thing (e.g. thumbdrive) that is only stuffed in the box
to boot and attach the drives, the removed and stored separately under
separate and high security.

There is no point to using a composite key IF THE RANDOM PART CAN BE
STOLEN; you then are back to the security of the typed password (if
any), so if you want the better level of security you need to deal with
the physical security of the random portion and make sure it is NEVER on
an unencrypted part of the disk itself.

If you're not going to do that then a strong and long password is just
as good.

I can mount my backup volumes on any FreeBSD machine that has the geli
framework.

-- 
-- Karl Denninger
/The Market Ticker ®/ <http://market-ticker.org>
Cuda Systems LLC