I’m also moving (forced) from CrashPlan and really need encrypted backups on server end, even at expense of losing deduplication. Basically scenario 4 in ffsb’s post. Without that I run into compliance problems.
I would like encryption for home because the backups are stored externally.
Because i am my own admins and the computers are backup belongs to me,
i wouldn’t mind to have either a single pass for all the clients or one per client or user.
Personally i wouldn’t mind a “rough” storage encryption that wouldn’t cover for example metadata and folder tree, as long as file names are encrypted.
My understanding is that it s not much more difficult to encrypt file names than file content, interesting data can still be extracted from the file names, for example try to attack a special file, whereas knowing that one folder contazins alot of files and another one very few wouldn’t help too much for an attacker.
Actually even rot13 for filesname and filecontent would protect against a brut scan of the file from a bot/worm.
Thinking about it, where to place the decryption key is slightly annoying.
To be done well, it would need to reside on client and not on server.
Then this cause a ton of complexity, however the main issue is basically bot or script kiddies that even given access to the server wouldn’t be able to du much if their tools doesn’t support urbackup decryption.
Another issue is that the storage is remotly hosted and can be looked at the the host , but again i think simple encryption is enough
Another issue is that the admin can read the user’s files, but solving this creates it s own pitfalls.
In case the key is per user or client
Maybe the key needs to be sent to the user by email in case the server has to be restore from scratch, as to make sure he received it at least once.
Eventually add an option to allow the admin to restore in case the user lost its key.
Because users wouldn’t care about not losing their key until they realise that they need it for restore.
For inter client dedup and different users having access to different clients, i wonder how that could work. Like gpg can encrypt for multiple recipient, but if you give access to a user after a backup, he wouldn’t be able to decrypt previous ones. Or maybe make a group key that can decrypt the backups and allow many users to decrypt that group key.
And if that’s possible to encrypt for different users, maybe that’s also possible to dedup between clients.
I wonder how much additional dedup occures between clients (30% ?). So i am not sure if the tradoff for supporting it would be that bad.
If encryption is implemented, if possible please add an encryption type as metadata for each backup.
So that it becomes possible to switch from from a some heavy pgp thing to a fast rot13 one in case i realise that there a cpu issue, without having to scratch all the backups for that client.
… that was long
1 Like
Do not misunderstand me, I like urbackup a lot (I do not need encryption), but for those who need encrytption, Duplicati might be worth a look.
I looked at it before I went for this, I liked the look of it, however for me
This: is a deal breaker for anyone backing up Windows clients. The issue (at the time of writing) is still open.
For a backup program the absolute requirement above ALL others is that restoring works properly, hence settling here rather than there.
[I am also a struggling crashplan refugee]
quick question about using duplicati in conjunction with urbackup:
urbackup does restore junction points properly AFAIK and store them in their own backup format…
so…
if you setup your urbackup server on your LAN for your everyday backup… then replicate the urbackup db and backups folders with duplicati (encrypted/compressed) to the cloud… is it fair to assume that the junction points of your clients are anyway hidden from duplicati embedded inside the urbackup images?
note: I haven’t tested restoring junction points yet… (only a very basic file restore so far…)
As noted by others, the encryption of user data when at rest on the server is critical. This server becomes the central location that stores all data from all clients (sensitive data or not). This of course makes the backup server a huge liability for data breach.
Especially in the case of people who were using the free P2P backup options of CrashPlan, the data is likely on servers that are not under full control (physical and logical security). This could be a friends computer or a VPS somewhere.
Having application specific encryption with its own passphrase, encrypted at the client would solve this.
I think, as also mentioned, many people are OK with losing some space savings of dedup when this feature is enabled.
As for the encryption key, I think one that is generated from a passphrase might be useful and easier to keep track of than a key file on the client.
I’m also looking to migrate off CrashPlan. ( sad really )
I’m comparing UrBackup and Duplicati as my solutions for family backup. I see number of other posts here in a similar predicament.
I find that Duplicati is a little fiddly t use and I would be concerned about user error, also a file restore seems to take a very long time depending on what volume of database files needs to be downloaded.
I think UrBackup is very promising. I agree with other posters here tht it does need a client side PKI based encryption option. I would gladly sacrifice server disk space and deduplication of backed up data in favour of files being encrypted using a GPG or other PKI encryption key. For me this is a must-have feature.
I am also in support for feature of some sort of encryption of data at the server for security compliance.
Apart from the client, the data on the server should not be accessible to any other (Admin/user) and in case it is not possible then at least data should be correctly encrypted so that it is safe and can not be decrypted.
@uroni +1 from me.
I don’t need encryption of file-structure. If I’m unable to read the file, that’s good enough for me. Super-duper-important is that the client encrypts stuff, and not the server.
Encryption would need to be reproducible, I guess, to prevent continuous full backups.
This feature would take away a lot of issues with regard to #gdpr
2 Likes
Encryption of file-structure or partition image would be great for everyone. It can be enable or disable from server side and client side. For home users should be able to use it for general purposes. However, it should be only set from administrator for business purposes.
Without any encryption option with UrBackup, unfortunately its not a choice to backup & restore solution for me at all. 
Thank you.
Allowing encryption to be disabled serverside would render encryption useless, don’t you think?
I’d like to point out that I for one want to see the ability to encrypt backup traffic on LAN too, not just internet. This way the backup traffic can’t get snooped by staff or internal breaches. The majority of IT Security breaches, statistically, are done by company staff, not external parties. Having it be unencrypted on LAN makes it just that much easier to scoop data off other computers you don’t have access to.
You can of course use the internet mode locally. It’s harder to setup, but otherwise it has next to no disadvantages.
I might have missed it, but where in the Admin Docs would I find adapting the internet mode for LAN? Does that break LAN discovery at all?
One of these:
- You can run
"C:\Program Files\UrBackup\enable_internet_only.bat"on the clients - Put server in a separate (virtual) network and only forward internet + web interface
- Block 35623 UPD outgoing on the server with its firewall settings
- The 2.2.x server has a
--internet-onlyswitch. On Windows add
–internet_only_mode
true
to args.txt
Of course it breaks LAN discovery. But you can temporarily switch LAN mode back on once you have a new client.
2 Likes
Are “internet” clients able to get new client updates pushed from the server? Is there any possibility in the future we can have LAN encryption + discovery? Or is that an impossibility?
Sorry. But if the client would encrypt the backup, encryption of the traffic would not be required…
I’m confused. Internet backup (as opposed to LAN), would mean the backup itself is encrypted, even on the server-side? Not the traffic between Client and Server?
What about wanting in-traffic encryption, but not on-disk encryption on the server? (for restoration reasons)
Also, another question came to mind. If I do ONLY internet backups, does the Restoration ISO stop being able to discover LAN UrBackup servers?
Shall we keep this topic about the Feature Request it’s about?