How Backup Repository Encryption Works
Product version: 7.3
Last modified: 05 December 2017
Question
How does Backup Repository encryption work on Linux?
Answer
In Linux, NAKIVO Backup & Replication repositories are encrypted using one of the following two approaches:
-
The
cryptsetuppackage encrypts an entire device, which can be used as any other device in the system. -
The
ecryptfspackage provides encryption of folders.
Supported Systems
Ubuntu
When you create a Backup Repository on a Ubuntu machine, you can enable encryption for that Backup Repository. The cryptsetup approach will be used for devices and partitions. The file system of the encrypted device/partition will be transformed to ext4. At the same time, the ecryptfs approach will be used for encrypting folders.
RHEL
When you create a Backup Repository on a Red Hat Enterprise Linux machine, you can enable repository encryption, but only the cryptsetup approach will be used for encrypting the entire device or partition. The file system of the encrypted device/partition will be transformed to ext4.
SLES
On the SUSE Linux Enterprise Server 11 machine, only the cryptsetup encryption approach is available.This approach will transform the file system of an encrypted device/partition to xfs.
On a SLES 12 machine, both encryption approaches can be used when you enable encryption for a Backup Repository. The ecryptfs package will be used for encrypting folders and the cryptsetup package will be used for encrypting devices/partitions. The file system of a fully encrypted device or partition will be transformed to xfs.