With the proliferation of open public wireless networks, more and more of our clients wanted to use the possibilities of freely downloading hundreds of megabytes of their private data. This data included compressed files containing web sites, databases, scripts and even e-commerce credit card depositories. Don't get me wrong - secure backups aren't in any way solely concentrated to wireless networks, but we usually presume that our fixed line connections are secure from prying eyes. From the disclaimer point of view - every business data that is transferred from spot A to spot B, should be decently encrypted.
As the majority of our users are hosted on Linux and BSD servers but are not very keen to system administration, this article should be of interest mainly to this type of readers.
Server perspective #1
GnuPG is a complete and free replacement for PGP. It is a valuable piece of software that is very easy to use and will serve our purpose for covering the topic of secure backups. I won't got into details in installing GnuPG as there are number of good installation guides around that pretty much cover this topic (faqs.org, linux-tutorial.info and web.bham.ac.uk). Depending on your server and administrator, GnuPG will be ither pre-installed, installed after bugging the administrator or installed by yourself if you have sufficient local privileges.
Client perspective #1
Installation on the client's machine is the same as on the server as we are not talking about client/server infrastructure, but should rather consider the server as a friend with whome you'll do a secure transfer. The only thing you should do is to export your public key from the client's computer and import it on your server. This is easily done on these two ways:
[cron@enberg]$ gpg --export -a "Mark Woodstone"
[cron@enberg]$ gpg --export -a "Mark Woodstone" > /tmp/gpg.key
As you could probably figure out by yourself, the first example flushes your GPG key to the screen for some copy/pasting and the second one saves it to the gpg.key file in /tmp folder. If you have a fresh installation of GnuPG, you should first create your own key by using gpg --gen-key.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.