Ubuntu: How to safely back up the “Private” folder?



Question:

I have an ecryptfs "Private" folder in my home directory, and it is set up to automatically mount whenever I log in. I want to set up automatic backups to a network drive, but I don't want the contents of Private to be readable on the remote server. My understanding is that the Ubuntu "Backup" utility would run while I'm logged in, so it would see the folder contents without encryption. I'm backing up from a laptop, so it is essentially only on when I am logged in.

I know that the Private folder is essentially a mounted filesystem, so it seems like I should be able to backup the encrypted image rather than the cleartext contents.

What steps are needed to safely back it up, while maintaining the encryption? Note that I'm already familiar with the backup tools available, this question is about dealing with the ecryptfs folder safely.


Solution:1

As it turns out, the .Private filesystem is ecryptfs, which contains a separate encrypted file for each item.

My solution is to backup the contents of ~/.Private (even though it is mounted at the time). The backup process should handle any changes in that folder gracefully since they are individual files.


Solution:2

  • Logout from graphical desktop
  • switch to text mode using CTRL-ALT-F1
  • login as a different user with rights to access the encrypted files
  • copy contents of the encrypted file folder to your network drive. I would recommend writing a short shell script which copies the files using rsync
  • verify that you can mount and access the encrypted backup files

Reference: https://superuser.com/questions/227713/ecryptfs-how-to-mount-a-backup-of-an-encrypted-home-dir


Solution:3

You can use duplicity

  • Securely gpg encrypted
  • Supports ssh, ftp, webdav, amazon s3
  • uses rsync (only changed files are sent in future backups)

Déjà Dup is a GUI frontend for duplicity. Make sure to check Encrypt backup files.


Solution:4

You can use minio client aka mc

  • Supports amazon S3 & Google Cloud Storage
  • Written in Golang
  • Apache License v2.0

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »