QRecall Community Forum

Navigation
Forum Index Search Recent Topics Hottest Topics Top Downloads

Register / Login  |  Desktop view  |  Jump to bottom of page

Cookbook and FAQ » encryption and backup

Author: john hampson
2 decades ago
Problem:

certain files in the system need to be secure/encrypted but not all,

e.g.

some documents
mailboxes
certain projects

Proposed solution

Encrypted sparse bundle on internal drive with symlinks for mail, secure documents and secure projects.

Backup solution:
External drive with similar (but larger) encrypted sparse bundle. Qrecall to backup from internal sparse bundle to external sparse bundle.

Sparse bundles to be added to login options so mounting and unmounting is automatic. (passwords not kept in keychain, so you are prompted for passwords when mounting)

I've done a proof of concept test with mail and a few folders, seems to work OK


I then create a new archive for my complete home folder, but just excluding the sparse bundle. This provides for an archive of all my remaining data.

Note, I store my iTunes and Photos on a separate Media partition and archive them independently (only on demand)

Can anybody see any flaws in this approach?

Is there any suggestion for a better method?

Author: James Bucanek
2 decades ago
There's a slightly simpler approach, but you would lose the ability to browse individual files in the encrypted disk image.

Keep the single, encrypted, sparse disk image on your primary partition that contains your sensitive files. Then simply capture the entire volume to an external archive. The archive would contain all of the non-encrypted files and the single encrypted disk image file.

You would not be able to browse changes to your encrypted files; you would have to recall the entire encrypted volume in order to recover one or more items. But it would simplify the arrangement.

Author: Bruce Giles
2 decades ago
 
john hampson wrote:Can anybody see any flaws in this approach?

Is there any suggestion for a better method?
I'm not quite sure if this will do what you want, but you can use TrueCrypt (free disk encryption software from <http://www.truecrypt.org/> ) to create an encrypted partition on an external drive.

You need to supply a password to mount the partition, but once it's mounted, reads and writes are encrypted/decrypted on-the-fly. I ran some brief tests with QRecall and it seemed to work just fine with an archive on an encrypted partition. It is a little slower, because of the on-the-fly encryption.

Once the partition is unmounted, no one can access anything on it without the password.

-- Bruce




Register / Login  |  Desktop view  |  Jump to top of page