4615 – encryption with rsync: using ssh's algorithms?

Bug 4615 - encryption with rsync: using ssh's algorithms?

Summary: encryption with rsync: using ssh's algorithms?

Status:	RESOLVED WONTFIX

Alias:	None

Product:	rsync
Classification:	Unclassified
Component:	core (show other bugs)
Version:	2.6.9
Hardware:	Other Linux

Importance:	P3 enhancement (vote)
Target Milestone:	---
Assignee:	Wayne Davison
QA Contact:	Rsync QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-05-13 06:26 UTC by Felix Kater
Modified:	2020-07-26 01:19 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Felix Kater 2007-05-13 06:26:52 UTC

For safe backups there is the need to keep the files on another (far) place. This comes with the disadvantage that you need trust that place (which is almoust a contradiction :-)

So, encryption of these files would help so that files are useless for the receiver.

Using rsync via ssh for far backups, this came to my mind: Since ssh as encryption built-in, couldn't it be possible to encrypt the files so that the spawned rsync process (receiving side) does not even decrypt the files but simply saves them? Possibly in the same directory structure.

This would have the advantage over all externally added encryption that rsync *itself* is informed about that, no need to extra decrypt on the receiving side to checksum etc.

Felix

Comment 1 Matthias 2015-03-02 19:54:54 UTC

This is probably not so easy, since the keys which are used for encryption during an SSH session are negotiated in advance to it, are unique for the session (used only once) and get discarded when the session terminates.
Up to my knowledge, rsync does not get in "contact" with the SSH layer, which it is making use of, meaning the session keys are not trivially accessible.

You might want to consider using losetup for transparent encryption, e.g.

 losetup /dev/loop1 backup.file -e aes512

Cheers,Matthias

Comment 2 Shachar Shemesh 2015-03-04 16:53:49 UTC

What you're asking for is currently possible with an external utility, called rsyncrypto (http://rsyncrypto.lingnu.com). It, in fact, does not require you to trust the server you're storing your backups on.

Comment 3 Wayne Davison 2020-07-26 01:19:57 UTC

In addition to the rsyncrypto suggestion (which requires you to encrypt your files before sending them) I added a feature to 3.2.1 which allows you to send data to an daemon rsync's "early exec" script which would allow you to mount an encrypted filesystem using information provided to the script from the client computer (which would keep it off of the remote host).  If you also setup rsync behind an ssl proxy, the secret to mount the encrypted filesystem during the backup copy should be pretty safe.  However, you do have a potential window of exposure during the time that the encrypted filesystem is mounted, so rsyncrypto is the safer way to go. Beyond that, I don't think that I want rsync to actually do the encrypting of the files.