Bruce Fletcher asked for a "simple" encryption method to be used with Amanda-server. gpg-amanda http://security.uchicago.edu/tools/gpg-amanda/ seems to create problems at restore-time, as it uses a wrapper for gzip.
My solution uses a wrapper for GNU-tar instead, so there are several disadvantages avoided.
/var/lib/amanda
). This should be done with
variables later, I agree ...
What you need:
aespipe http://loop-aes.sourceforge.net/aespipe/aespipe-v2.3b.tar.bz2 and the bz2aespipe-wrapper that comes with it. It gets patched as described later.
the wrapper-script /usr/local/libexec/amgtar
, as listed
down below,
GNU-PG http://www.gnupg.org/(en)/download/index.html. This should be part of most current operating systems already.
Amanda ;)
Configure and compile aespipe:
tar -xjf aespipe-v2.3b.tar.bz2 cd aespipe-v2.3b ./configure make make install
Generate and store the gpg-key for the Amanda-user:
# taken from the aespipe-README head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 | \ gpg --symmetric -a > /var/lib/amanda/.gnupg/am_key.gpg
This will ask for a passphrase. Remember this passphrase as you will need it in the next step.
Store the passphrase inside the home-directory of the Amanda-user and protect it with proper permissions:
echo my_secret_passphrase > ~amanda/.am_passphrase chown amanda:disk ~amanda/.am_passphrase chmod 700 ~amanda/.am_passphrase
We need this file because we don't want to have to enter the passphrase manually everytime we run
amdump. We have to patch bz2aespipe to read the passphrase from a file. I have
called that file ~amanda/.am_passphrase
.
It should NOT ;) look like this:
# cat ~amanda/.am_passphrase my_secret_passphrase
Create the wrapper for GNU-tar:
Example 16.1. /usr/local/libexec/amgtar
#!/bin/sh # # Original wrapper by Paul Bijnens # # crippled by Stefan G. Weichinger # to enable gpg-encrypted dumps via aespipe GTAR=/bin/tar AM_AESPIPE=/usr/local/bin/amaespipe AM_PASSPHRASE=/var/lib/amanda/.am_passphrase LOG=/dev/null LOG_ENABLED=1 if [ "$LOG_ENABLED" = "1" ] then LOG=/var/log/amanda/amgtar.debug date >> $LOG echo "$@" >> $LOG fi if [ "$3" = "/dev/null" ] then echo "Estimate only" >> $LOG $GTAR "$@" else echo "Real backup" >> $LOG $GTAR --use-compress-program="$AM_AESPIPE" "$@" 3< $AM_PASSPHRASE fi rc=$? exit $rc
Copy the wrapper-script bz2aespipe, which comes with the aespipe-tarball, to
/usr/local/bin/amaespipe
and edit it this way:
Example 16.2. /usr/local/bin/amaespipe
#! /bin/sh # FILE FORMAT # 10 bytes: constant string 'bz2aespipe' # 10 bytes: itercountk digits # 1 byte: '0' = AES128, '1' = AES192, '2' = AES256 # 1 byte: '0' = SHA256, '1' = SHA384, '2' = SHA512, '3' = RMD160 # 24 bytes: random seed string # remaining bytes are bzip2 compressed and aespipe encrypted # These definitions are only used when encrypting. # Decryption will autodetect these definitions from archive. ENCRYPTION=AES256 HASHFUNC=SHA256 ITERCOUNTK=100 WAITSECONDS=1 GPGKEY="/var/lib/amanda/.gnupg/am_key.gpg" FDNUMBER=3 if test x$1 = x-d ; then # decrypt n=`head -c 10 - | tr -d -c 0-9a-zA-Z` if test x${n} != xbz2aespipe ; then echo "bz2aespipe: wrong magic - aborted" >/dev/tty exit 1 fi itercountk=`head -c 10 - | tr -d -c 0-9` if test x${itercountk} = x ; then itercountk=0; fi n=`head -c 1 - | tr -d -c 0-9` encryption=AES128 if test x${n} = x1 ; then encryption=AES192; fi if test x${n} = x2 ; then encryption=AES256; fi n=`head -c 1 - | tr -d -c 0-9` hashfunc=SHA256 if test x${n} = x1 ; then hashfunc=SHA384; fi if test x${n} = x2 ; then hashfunc=SHA512; fi if test x${n} = x3 ; then hashfunc=RMD160; fi seedstr=`head -c 24 - | tr -d -c 0-9a-zA-Z+/` #aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d | bzip2 -d -q aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d else # encrypt echo -n bz2aespipe echo ${ITERCOUNTK} | awk '{printf "%10u", $1;}' n=`echo ${ENCRYPTION} | tr -d -c 0-9` aesstr=0 if test x${n} = x192 ; then aesstr=1; fi if test x${n} = x256 ; then aesstr=2; fi n=`echo ${HASHFUNC} | tr -d -c 0-9` hashstr=0 if test x${n} = x384 ; then hashstr=1; fi if test x${n} = x512 ; then hashstr=2; fi if test x${n} = x160 ; then hashstr=3; fi seedstr=`head -c 18 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1` echo -n ${aesstr}${hashstr}${seedstr} #bzip2 | aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS} aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS} fi exit 0
Example 16.3. bz2aespipe.patch
@@ -15,3 +15,5 @@ ITERCOUNTK=100 -WAITSECONDS=10 +WAITSECONDS=1 +GPGKEY="/var/lib/amanda/.gnupg/am_key.gpg" +FDNUMBER=3 @@ -36,3 +38,4 @@ seedstr=`head -c 24 - | tr -d -c 0-9a-zA-Z+/` - aespipe -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d | bzip2 -d -q + #aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d | bzip2 -d -q + aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${encryption} -H ${hashfunc} -S "${seedstr}" -C ${itercountk} -d else @@ -52,3 +55,4 @@ echo -n ${aesstr}${hashstr}${seedstr} - bzip2 | aespipe -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -T -w ${WAITSECONDS} + #bzip2 | aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS} + aespipe -K ${GPGKEY} -p ${FDNUMBER} -e ${ENCRYPTION} -H ${HASHFUNC} -S ${seedstr} -C ${ITERCOUNTK} -w ${WAITSECONDS} fi
Things I have changed:
Decreased WAITSECONDS: No need to wait for 10 seconds to read the passphrase.
Removed bzip2 from the pipes: Amanda triggers GNU-zip-compression by itself, no need to do this twice (slows down things, blows up size).
Added options -K and -p: This enables aespipe to use the generated gpg-key and tells it the number of the file-descriptor to read the passphrase from.
Reconfigure and recompile Amanda (yes, I'm sorry ...):
As described in How to use a wrapper you have to run configure again with the option --with-gnutar=/usr/local/libexec/amgtar, after that recompile and reinstall Amanda. These steps are described in the mentioned document.
There are several wishes:
Ability to switch encryption inside a dumptype. This HOWTO describes a method that enables/disables encryption for the whole installation. You might remove the amgtar-wrapper and simply link to plain GNU-tar again to disable encryption, but be aware that you also disable decryption with this step. You will hit problems when you then try to restore encrypted tapes.
Ability to switch encryption-parameters inside a dumptype. Choice of algorithm, hash-functions etc. I don't know if it makes sense to put it into a dumptype or if it would be enough to configure it once inside amaespipe (I assume the latter).
All this leads to the need to code this into Amanda itself: new dumptype-options and
corresponding calls to GNU-tar etc. inside
client-src/sendbackup-gnutar.c
.
This is it so far. Release early, release often. Feel free to contact me with your thoughts on this paper.