add support for backups via SFTP
Posted: Fri Feb 16, 2007 12:59 am
abstract: Network-based backup mechanisms suffer from a lack of security or significant complexity in implementation. The additional support of SFTP, which could possibly simply extend existing features, would remedy this problem.
full rationale: I need to manage backups for a fleet of nomad laptop users, or just a dispersed user base where the only point in common is an Internet connection. The idea is that various computer systems all call into the same server which manages the backups of the various users.
Naturally, this is theoretically already possible using e-mail, FTP, VPN, or NetBIOS/CIFS/SMB backup.
E-mail is impractical, as large data volumes (10 GB+) cannot be managed with this.
FTP/NetBIOS/CIFS/SMB is dangerous as both the server and the data transmission are very hard to secure. In my experience, securing such services is almost impossible. If we consider that a significant user base will be connecting at perfectly predictable intervals, this adds the sniffing attack vector as it makes it much easier to target the transmission of data.
VPN as a security wrapper is also impractical as it dramatically slows down performance on the one hand (4 hours for just 500 MB in my trials) and adds a layer of complexity that makes it impossible to render the backup service transparent to the user.
The solution I envisage, and hereby request, is the additional support in AISBackup for SFTP, i.e. FTP implemented through SSH. This does not refer to tunneling FTP connections through an SSH connection (which is impossible) nor the use of SSL around classic FTP, but the SSH protocol implementation of FTP.
This adds two things: encrypted transport of data, such that data that is being backed up cannot be sniffed and neither can credentials on the remote backup server, and additionally an FTP implementation that does not require a control channel and a data channel. SFTP through SSH would even support the use of pre-shared key files, which significantly simplifies the secure management of numerous systems for automated use of credentials.
The complexity of this task should be fairly low, as the basic transport model is that of FTP, which is already supported, and libraries that can be called upon to simply add a wrapper abound (OpenSSH, PuTTY, etc.).
Thanks for your consideration.
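For the server side of the setup requested above (many laptops calling into one backup server with key files), this is an added example and not part of the original post or of AISBackup: an OpenSSH `sshd_config` fragment that limits backup accounts to key-only, SFTP-only, chrooted access. The group name `backupusers` and the paths under `/srv/backup` and `/etc/ssh/authorized_keys` are assumptions chosen for illustration.

```conf
# sshd_config fragment (added example; group name and paths are assumptions)

# Use the in-process SFTP server so no shell or helper binary is needed in the chroot
Subsystem sftp internal-sftp

Match Group backupusers
    # Key files only: there is no password to capture or guess
    PasswordAuthentication no
    AuthenticationMethods publickey

    # One root-owned key file per account, outside anything the account can write,
    # so a compromised laptop cannot add further keys for itself
    AuthorizedKeysFile /etc/ssh/authorized_keys/%u

    # SFTP is the only thing these accounts can run: no shell, no remote commands
    ForceCommand internal-sftp

    # Confine each account to its own tree. The chroot directory itself must be
    # owned by root and not writable by the user; the backups go into a
    # user-writable subdirectory below it (for example /srv/backup/<user>/data)
    ChrootDirectory /srv/backup/%u

    # A backup account should not double as a pivot into the server's network
    AllowTcpForwarding no
    AllowAgentForwarding no
    X11Forwarding no
    PermitTunnel no
```

Validate the file with `sshd -t` before reloading the daemon. Giving each laptop its own account and key pair means a lost machine is handled by removing one key file.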