Virtual Space / Encrypted Container over ssh
What about a virtual filesystem which is encrypted like TrueCrypt? Well that’s easy on Linux.
In the last step we even do this on a remote host with ssh. So in this case we have a remote backup.
But the other site can’t do anything with the file, it only looks like a big and it is encrypted.
Let’s begin local:
- Let’s create a container:dd if=/dev/urandom of=Container count=1 bs=10M
A file filled with random data with the size of 10Mb is created. If you want to speed up the process, you could use io=/dev/zero
- Create a loopback device
losetup /dev/loop1 Container
- Format the container (ext2 in this case, of course you can use ext3/4)mkfs /dev/loop1
- Mount the container, so we can use it to store data in
mount /dev/loop1 /media/virtualspace
After mounting, you can access this virtual filesystem just as usual. Well a backup is not a backup when it’s on the same drive.
So at least do this on a USB drive/stick or something. But what if you want to make backups at the linux-server at your friends place?
Of course you trust your friend, but just to be sure we are going to encrypt the container.
We need a ssh connection and some extra packages from EPEL for this. We are using sshfs (ssh filesystem) for this.
Install fuse-sshfs, for CentOS with yum install fuse-sshfs. After this do:
- mkdir /media/remote_sshfs
- sshfs [USER]@[HOST]:/home/[user]/backup /media/remote_sshfs
/home/user/backup needs to be there and has the right permissions.
Supply your password and that’s it. A remote filesystem over ssh.
Now we are going to make the backup container/filesystem on the remote side:
- dd -io=/dev/urandom if=/media/remote_sshfs/backup-container count=1 bs=10M
Ofcourse 10Mb is not much for a backup, just play with it and use a large file later.
- TIP as it seems you have ssh access, create the file on the other side by logging in, as it takes (a long) time to create the file.