Creating Secure Backups With GnuPG
I’m working for a relatively large Internet Presence Provider (IPP) that servs about 4000 clients from about 30 countries worldwide. Besides a chunk of e-mails to our support regarding viruses, leaching and insecure Perl/PHP scripts, I’ve seen a number of questions related to securely downloading backups.
With the proliferation of open public wireless networks, more and more of our clients wanted to use the possibilities of freely downloading hundreds of megabytes of their private data. This data included compressed files containing web sites, databases, scripts and even e-commerce credit card depositories. Don’t get me wrong – secure backups aren’t in any way solely concentrated to wireless networks, but we usually presume that our fixed line connections are secure from prying eyes. From the disclaimer point of view – every business data that is transferred from spot A to spot B, should be decently encrypted.
As the majority of our users are hosted on Linux and BSD servers but are not very keen to system administration, this article should be of interest mainly to this type of readers.
Server perspective #1
GnuPG is a complete and free replacement for PGP. It is a valuable piece of software that is very easy to use and will serve our purpose for covering the topic of secure backups. I won’t got into details in installing GnuPG as there are number of good installation guides around that pretty much cover this topic (faqs.org, linux-tutorial.info and web.bham.ac.uk). Depending on your server and administrator, GnuPG will be ither pre-installed, installed after bugging the administrator or installed by yourself if you have sufficient local privileges.
Client perspective #1
Installation on the client’s machine is the same as on the server as we are not talking about client/server infrastructure, but should rather consider the server as a friend with whome you’ll do a secure transfer. The only thing you should do is to export your public key from the client’s computer and import it on your server. This is easily done on these two ways:
[cron@enberg]$ gpg –export -a “Mark Woodstone”
or
[cron@enberg]$ gpg –export -a “Mark Woodstone” > /tmp/gpg.key
As you could probably figure out by yourself, the first example flushes your GPG key to the screen for some copy/pasting and the second one saves it to the gpg.key file in /tmp folder. If you have a fresh installation of GnuPG, you should first create your own key by using gpg –gen-key.
Server perspective #2
Now when you transferred your GPG key to the server, it is time to import it into local GnuPG copy running there. It is done on this way and generates the following message.
[battle@royale]$ gpg –import /tmp/client-gpg.key
gpg: Warning: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpg: /www/site2111/.gnupg/trustdb.gpg: trustdb created
gpg: key A360769C: public key imported
gpg: Total number processed: 1
gpg: imported: 1
Now when the server has the client’s public key, it is time to encrypt data (in this situation a mysql dump) that is scheduled for transfer to the client’s computer.
[battle@royale]$ gpg –encrypt -r “Mark Woodstone” mysql-dump-2004_34.txt.gz
[battle@royale]$ ls -al
-rw-rw-r– 1 hosting hosting 38147486 Mar 4 12:24 mysql-dump-2004_34.txt.gz.gpg
As you can see, a new file was created and has a .gpg file type appended to the original file name.
Client perspective #2
After downloading the file we have just a quick decrypt process to do:
[cron@enberg]$ gpg -d mysql-dump-2004_34.txt.gz.gpg > mysql-dump-2004_34.txt.gz
This concludes a brief process of securely downloading a file from a remote location. If your client or server computers aren’t decently patched and/or secured, the security of the download process is a bit irrelevant, but that is up to you to take care of.