JP Vossen via plug on 12 May 2023 14:28:35 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Physically Secure Backup Disk 

My on-site backup is an rPi4 (8m) with a 5T USB3 disk.  It is encrypted using LUKS, and the long password is taped to the drive because the use-case for encryption is mostly if I ever RMA it, and slightly so I can say the backups are encrypted at rest. :-)

The Pi and disk sit inside a ~45 cubic foot fire resistant safe that already had a small hole drilled in it for a light or dehumidifier or whatever.  I ran power and Ethernet through that.  That has worked for me for at least 2 decades, through a succession of micro-PCs and drives.  I'm pretty sure heat contributed to premature drive death in a few cases, but the current setup has a Pi fan that's also pointed at the USB disk, and it's been happy, even with the LUKS overhead.  The move last year from Raspbian to rPi OS (aka Debian 11) made a *vast* improvement!  With only the OS re-install from scratch on a new (better) SD card, and no other hardware changes, it now easily keeps up with `rsync` and BackupPC (also `rsync`).  I've tried to tune it so that there are not too many concurrent jobs causing resource contention.  With Raspbian it was...struggling.  A lot.

So the concept works, but note the safe I'm talking about is *much* bigger than the $80 1 cubic foot hardware store units.  I suspect those would kill disks, since the entire point of them is to be a heat barrier.

I've wondered about EMP.  On one hand, it's totally enclosed in steel.  OTOH, there are some hand wave-guides coming in from the power grid and my Ethernet.  I *did* lose a NIC in a previous generation to inductance from a close lightning strike in 2009.

This begs the question of on-line off-site backups.  I use hard drive space at Mom's house, but I've wondered a few times about a PLUG co-op.  The idea would be for PLUG folks to do an off-site backup space swap, using a solution like Restic that tolerates untrusted remote storage.  It's easily technically doable, but there would be a lot of other details to figure out (firewall rule management, for one).  The easy case would be 2 folks trading backup appliances and bandwidth, maybe rPis in locked metal lunchboxes to be tamper evident.  ;-)  And you can use the metal of the box as a heat sink.

3 more comments inline below.

On 5/12/23 04:02 PM, Walt Mankowski via plug wrote:

Seems to me one option would be to keep the disks that are in rotation but not currently in use in the fire safe. You’d lose your most recent data in case of a fire, but hopefully not the bulk of your data.


That does beg the question of where the "offline" drives live.



Another option beside the fire safe would be a safe deposit box at your local bank. This would give you offside backups without worrying about the data getting intercepted during transit. (Unless you’re mugged on the way to your bank.)


More hassle than swapping drives. :-)


Of course with either option you could store important physical documents in there as well.

Walt

On Fri, May 12, 2023, at 2:09 PM, Casey Bralla via plug wrote:


I use a large USB disk connected to a Raspberry Pi for backup. The Pi runs a python script every night to call rsync and backup all my files.  I want to be sure this backup disk is secure in case I actually need the files on it.

The files are secure from being unreadable by making them unencrypted, uncompressed copies using NFS.  Also, I periodically swap the disk so I have a rotation of large disks.  Even if the disk fails, the next oldest is only a few months out of date.

I have made the disk secure from theft by hiding it in a remote corner of my basement.  Anybody who steals my computer equipment will most likely never find the PI and the backup disk.

But I'm worried about protecting it against fire.  I thought I might put the disk inside one of those inexpensive fire safes that people use for critical documents, but I have 2 concerns:

 1. Would the disk overheat in the small unventilated and insulated container?
 2. I'd have to drill a hole for the USB cable.  Would this negate the effectiveness of the "fireproof" box?


Don't you need both power and Ethernet?  Or is it wireless?  I'd recommend cutting the plug off a cheap extension cord then putting on a screw terminal plug.  That way you have a standard plug inside, so when you want to switch power bricks it doesn't matter.

The safe I have is steel with a few layers of drywall (AKA chalk) inside.  The small units you are talking about are probably plastic filled with chalk. Either way I doubt a small hole will matter much, stuff will probably melt into it and more-or-less plug it up anyway.



I'm talking about 8 terabytes of data, so online storage is not practical (and I'm too cheap to pay for it anyway)

I would appreciate suggestions.  TIA!

Casey Bralla



Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug