How Backup Repository Encryption Works
Product version: 7.3
Last modified: 05 December 2017
How does Backup Repository encryption work on Linux?
In Linux, NAKIVO Backup & Replication repositories are encrypted using one of the following two approaches:
cryptsetuppackage encrypts an entire device, which can be used as any other device in the system.
ecryptfspackage provides encryption of folders.
When you create a Backup Repository on a Ubuntu machine, you can enable encryption for that Backup Repository. The
cryptsetup approach will be used for devices and partitions. The file system of the encrypted device/partition will be transformed to ext4. At the same time, the
ecryptfs approach will be used for encrypting folders.
When you create a Backup Repository on a Red Hat Enterprise Linux machine, you can enable repository encryption, but only the
cryptsetup approach will be used for encrypting the entire device or partition. The file system of the encrypted device/partition will be transformed to ext4.
On the SUSE Linux Enterprise Server 11 machine, only the
cryptsetup encryption approach is available.This approach will transform the file system of an encrypted device/partition to xfs.
On a SLES 12 machine, both encryption approaches can be used when you enable encryption for a Backup Repository. The
ecryptfs package will be used for encrypting folders and the
cryptsetup package will be used for encrypting devices/partitions. The file system of a fully encrypted device or partition will be transformed to xfs.