ncrypt-rsync: Free, encrypted, version-controlled backups

Table of Contents:

What?

ncrypt-rsync provides a secure, version-controlled backup solution by encrypting files and storing them in Git repositories, leveraging Git’s redundancy for data resilience while mitigating cloud storage privacy & security risks.

Security choices

(1)Encryption choices (age vs. SSH, why not GPG?) (2) Key management (how are passwords stored? why use per-repo keys?) (3) Attack vectors (what happens if someone steals the encrypted backups?)

Data model & metadata handling

(1) How are backups stored? (??) (2) What metadata is kept? What security risks are there of storing this metadata? (3) Why JSON over SQLite?

Architectural decisions & tradeoffs

(1) Why Golang over Bash? (2) Why systemd timers over cron? (3) Why rsync instead of writing my own sync tool?

Future improvements

#See also:

Prev Determinism Next Post-metoidioplasty neophallic enlargement
~/exocortex ~/bulletin ~/about ~/contact

ncrypt-rsync: Free, encrypted, version-controlled backups

Table of Contents:

What?

ncrypt-rsync provides a secure, version-controlled backup solution by encrypting files and storing them in Git repositories, leveraging Git’s redundancy for data resilience while mitigating cloud storage privacy & security risks.

Security choices

(1)Encryption choices (age vs. SSH, why not GPG?) (2) Key management (how are passwords stored? why use per-repo keys?) (3) Attack vectors (what happens if someone steals the encrypted backups?)

Data model & metadata handling

(1) How are backups stored? (??) (2) What metadata is kept? What security risks are there of storing this metadata? (3) Why JSON over SQLite?

Architectural decisions & tradeoffs

(1) Why Golang over Bash? (2) Why systemd timers over cron? (3) Why rsync instead of writing my own sync tool?

Future improvements

#See also:

Prev Determinism Next Post-metoidioplasty neophallic enlargement

VIRAL PUBLIC LICENSE / Copyleft (ɔ) All Rights Reversed