Dear all, I have read+write keys on machines doing backups. A separate host stores the delete key and does backup rotation. I rsync tarsnap cache directories back and forth to keep them synchronized. I recently came across this post that says rsyncing basically invalidates the point of having a separate delete key: http://mail.tarsnap.com/tarsnap-users/msg00935.html Is this a valid concern? If subverting the cache directory is indeed possible, it probably requires a much more sophisticated attacker than one who knows how to do "tarsnap -d". Originally my intention was to avoid doing regular "tarsnap --fsck". --fsck seems to take several times the time and bandwidth compared to a regular daily tarsnap backup on my machines. Best regards, Tomaž
Attachment:
signature.asc
Description: OpenPGP digital signature