Discussion:
gzip: unrecognized option `--rsyncable'
Vladimir Botka
2015-09-26 12:32:43 UTC
Permalink
Hello,

I run command [1] in FreeBSD and see gzip error [2]. Would it be
possible to help me? Thank you.

[1] rsyncrypto -r /backup /backup.enc keys backup.crt

[2]
gzip: unrecognized option `--rsyncable'
FreeBSD gzip 20111009
usage: gzip [-123456789acdfhklLNnqrtVv] [-S .suffix] [<file>


Cheers,

-vlado
--
Vladimír Botka
Shachar Shemesh
2015-09-26 12:49:29 UTC
Permalink
Post by Vladimir Botka
Hello,
I run command [1] in FreeBSD and see gzip error [2]. Would it be
possible to help me? Thank you.
In the past, --rsyncable wasn't part of vanilla gzip. It is possible
that FreeBSD doesn't include it. I have no idea if it made it into
vanilla gzip or not. Almost all Linux distributions include it.

Using rsyncrypto without it is rather pointless. There is no point in
giving up security in order to get rsync friendly cypher texts if the
compression then goes ahead and makes them non-rsyncable. I also
wouldn't recommend using rsyncrypto without compression, as it has some
security assumptions that revolve around high entropy input. Using
uncompressed files with rsyncrypto is below the security threshold I
would recommend.

The only solution I can offer is to compile your own version of gzip,
with the rsyncable flag.

Shachar
Guillaume Friloux
2015-09-26 13:57:16 UTC
Permalink
Post by Shachar Shemesh
Post by Vladimir Botka
Hello,
I run command [1] in FreeBSD and see gzip error [2]. Would it be
possible to help me? Thank you.
In the past, --rsyncable wasn't part of vanilla gzip. It is possible
that FreeBSD doesn't include it. I have no idea if it made it into
vanilla gzip or not. Almost all Linux distributions include it.
It has never made it upstream.
But Vladimir should be able to rebuild gzip by enabling rsyncable :
https://www.freshports.org/archivers/gzip/
Post by Shachar Shemesh
Using rsyncrypto without it is rather pointless. There is no point in
giving up security in order to get rsync friendly cypher texts if the
compression then goes ahead and makes them non-rsyncable. I also
wouldn't recommend using rsyncrypto without compression, as it has
some security assumptions that revolve around high entropy input.
Using uncompressed files with rsyncrypto is below the security
threshold I would recommend.
The only solution I can offer is to compile your own version of gzip,
with the rsyncable flag.
Shachar
------------------------------------------------------------------------------
_______________________________________________
Rsyncrypto-devel mailing list
https://lists.sourceforge.net/lists/listinfo/rsyncrypto-devel
------------------------------------------------------------------------------
Vladimir Botka
2015-09-28 12:59:17 UTC
Permalink
Hi Shachar, Guillaume, all

On Sat, 26 Sep 2015 15:57:16 +0200
Post by Guillaume Friloux
Post by Shachar Shemesh
Post by Vladimir Botka
I run command [1] in FreeBSD and see gzip error [2]. Would it be
possible to help me? Thank you.
In the past, --rsyncable wasn't part of vanilla gzip. It is possible
that FreeBSD doesn't include it. I have no idea if it made it into
vanilla gzip or not. Almost all Linux distributions include it.
It has never made it upstream.
https://www.freshports.org/archivers/gzip/
thank you very much for the comments and advice! Gzip from
ports works as expected.

For the record. In FreeBSD 10.0:
* Gzip from the ports compiles by default with --rsyncable
(/usr/local/bin/gzip)
* Gzip included in the system doesn't. (/usr/bin/gzip)

Cheers,
-vlado
--
Vladimir Botka
Vladimir Botka
2015-10-05 08:30:06 UTC
Permalink
Hi all,

JFYI I've created scripts to use rsyncrypto with rsnapshot and rsync.
https://github.com/vbotka9/rcb

The purpose is to test the consistency of the loop
* rsnapshot
* store some meta-data of the snapshot [1]
* rsyncrypto encrypt snapshot
* rsync encrypted snapshot to remote backup
* rsyncrypto decrypt snapshot
* restore the data from the snapshot and compare it with the original
data

[1] empty directories, links, file attributes (owner,group,mode,time),
not stored in rsyncrypto

The scripts were tested in FreeBSD 10.2 and Ubuntu 14.04 as described
in the NOTES
https://github.com/vbotka9/rcb/blob/master/NOTES.freebsd
https://github.com/vbotka9/rcb/blob/master/NOTES.ubuntu

I'd appreciate any comments, advices, suggestions etc. Thank you,

Cheers,

-vlado
--
Vladimír Botka
Loading...