| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net>, Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Ants Aasma <ants(dot)aasma(at)eesti(dot)ee>, Robert Haas <robertmhaas(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: WIP: Data at rest encryption |
| Date: | 2017-06-13 19:45:05 |
| Message-ID: | 3550f152-9349-ee2b-edae-a8ec09d8d9fc@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6/13/17 15:20, Stephen Frost wrote:
> For example, you could simply do:
>
> cp -a /path/to/PG /mnt/usb
>
> and you're done. If you're using filesystem level encryption then you'd
> have to re-encrypt the data, using something like:
>
> tar -cf - /path/to/PG | openssl -key private.key > /mnt/usb/encrypted_cluster.tar
>
> And then you would need openssl on the other system to decrypt it.
Or make the USB file system encrypted as well? If you're in that kind
of environment, that would surely be feasible, if not required.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2017-06-13 19:49:46 | Re: Get stuck when dropping a subscription during synchronizing table |
| Previous Message | Peter Eisentraut | 2017-06-13 19:43:14 | Re: WIP: Data at rest encryption |