0

I use ZFS send and receive to send incremental snapshots of an encrypted dataset in raw mode over SSH to a backup server using mbuffer over the internet.

Using this strategy the transferspeed increases greatly. Only using a 10 year old Core 2 Duo, I hit a transferspeed of 750Mbit on my test bench, because the data isn't decrypted, encrypted and compressed again.

Using mbuffer however, you send data over a raw TCP stream, no encryption is used. This is okay for a trusted network, but normally not for a public network.

But I send raw encrypted data and all commands to establish the data transfer are still encrypted using SSH.

Is it safe to use mbuffer to send data over a public network when sending raw encrypted data?

Crestop
  • 11
  • 4
  • Why would you not use both? It's simple and easy; see syncoid for example. – Michael Hampton Jul 28 '20 at 15:53
  • Assuming you mean sending snapshots in raw mode and sending data over a raw TCP stream, I use both. But using both, raises the security question. – Crestop Jul 28 '20 at 16:01
  • No, I mean using ssh and mbuffer together. Did you not look at syncoid? – Michael Hampton Jul 28 '20 at 16:12
  • I could use ssh and mbuffer together, that's easy. But then the data would be encrypted and decrypted again. That would increase the cpu load on both servers, and a decrease in transferspeed. But for what? The case is to not use ssh and mbuffer together, but to use mbuffer to send data over a raw TCP stream, because the data is already encrypted. – Crestop Jul 28 '20 at 18:18

0 Answers0