On Thu, Dec 18, 2014 at 10:41 AM, wwp <subscript at free.fr> wrote: >> >> I would rather work on single files or tars on directory basis. Using a >> single big file creates a very "large" single point of failure. >> Or use an encrypted file system (of course, also a single point of >> failure, but probably better handling). > > The bad points with using an encrypted fs maybe in the OT case, is that > to move the encrypted file to somewhere else, you need to move the > hardware containing the fs :-(. Which might be as simple as swapping a USB key or portable drive. > Also, it doesn't allow changing the > encryption key very often. I think an encrypted fs addresses other > security/confidentiality issues, but then the OT should be more precise > about his needs/the context. Yes, how the backup copies will be managed after encryption would have a lot to do with picking the most convenient approach. One thing that would be possible on an encrypted file system would be using a backup approach that stores multiple copies, de-dupinng unchanged files as you can do with rsync, rdiff-backup, backuppc, etc. Those can only work if the software involved sees the unencrypted files. -- Les Mikesell lesmikesell at gmail.com