If I have a home server connected to Proton Drive for example, would that be sufficient to back up my data?

  • @satanmat
    link
    English
    116 months ago

    Would that be sufficient

    No.

    3-2-1

    Three copies; your working copy, and a cloud copy, and (as an example) on and external HD that you keep at a friend’s house….

    On two separate media… so yes cloud can cover that

    One off site. So yeah cloud covers that.

    Encryption on your off site copies. Yeah I don’t care if they are Linux ISOs or your grandmas recipes. ENCRYPTED

    Thanks for coming to my TED talk

    • @[email protected]
      link
      fedilink
      English
      56 months ago

      And I would argue that all data should be encrypted now, even the working copy. If you have data that’s worth backing up, you probably don’t want it in the hands of criminals or weirdos either.

      • Scrubbles
        link
        fedilink
        English
        26 months ago

        It’s so easy to set up, just tick a box during os install most times. Then if you do rcline just use an encrypt on top of your remote, make sure your conf is backed up, and you’re golden

        • @peregus
          link
          English
          36 months ago

          If you tick the encryption box during install, you will have to enter the decrypt password at every boot and that means that if the power goes out for long enough (UPS doesn’t keep the server up for hours), I (and my family) will not have access to the self hosted stuff until I’ll be home and this is why I encrypt only the data partition and not the boot one.

          • @bluespin
            link
            English
            26 months ago

            You can decrypt via ssh at boot. I used dropbear to accomplish that on my machine

            • @peregus
              link
              English
              26 months ago

              That’s interesting, but that won’t help if I’m away or on vacation on the other side of the world

              • @bluespin
                link
                English
                16 months ago

                I may be missing something in your use case. As long as you have the port forwarded you can decrypt from anywhere. Use pub key auth and you’re good to go

                • @peregus
                  link
                  English
                  3
                  edit-2
                  6 months ago

                  You’re just missing the part where I want to be on vacation without the need to find a decent Internet connection to boot my server because the power went off. What’s the plus of encrypting the OS partition too?

                  • @bluespin
                    link
                    English
                    26 months ago

                    Fair enough. Every service I run depends on encrypted data, so starting the machine without decrypting isn’t worthwhile in my case. I have to decrypt to get everything back up after power loss anyway.

                    Main advantages I’m aware of for full disc encryption are encrypted swap and system config. Overkill for some use cases so YMMV, but wanting to point out that decrypting at boot can be done.

      • @satanmat
        link
        English
        26 months ago

        Agreed… Yes, and… specific to backups all the encryption….

        Your production stuff, yes should be as well

      • @satanmat
        link
        English
        16 months ago

        Yep. And even I did it in my post. Notice what is missing?

        Test your backups!