One of the great features of LONE-TAR that you cannot get with open-source backup software, is our HIPPA compliant encryption module. Our module uses 256bit AES (Advanced Encryption Standard) to encrypt your data. All you have to do is setup a pass-phrase that is easy to remember by the user but hard for a hacker to crack. Once a pass-phrase is entered for your device, all backups to that device will be encrypted and cannot be read without decryption first.

When using encryption, remember to...

- Test a restore using your pass-phrase
- Make new AIR-BAG media when pass-phrase changes
- DO NOT FORGET YOUR PASS-PHRASE!

After you enable encryption, the Device Manager will have new options when editing your devices. Option #11 will now allow you to setup encryption, or change/remove your encryption pass-phrase.

When encryption has been enabled, the message *** Encryption Active *** will appear .

Log files will be updated with the -zCRYPT option.

# /bin/lone-tar -X /log/list.dir/exclude-Master_SSH -PZMaVLRRR 10 -fbk 10.1.10.22:/backups/shiraz/M-backup-Wed.ltar 64 20000000 -zCASCADE -zCRYPT=1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx .

As you watch files being backed up, you will notice at the end of each file, the word encrypting:
    -- a ./boot/grub2/grub.cfg, 12 blocks...compressing bzip and encrypting===> 4 blocks!! (70.24%)

The log files always 'x' out the key for protection.

If you would like to see the actual key, it resides inside /usr/lone-tar/ltar.dev

SAMPLE:
LTCRYPT[0]="33ad17eab4bec498f446988c388bd5a433ad17eab4bec498f446988c388bd5a4"
 

Pros to using data encryption:

1. Protects your data from prying eyes.
2. You can take backup media off-site without fear of exposing the data.
3. Protect your data from internal sabotage.
4. Safe from lost or stolen backup media.

Cons to using data encryption:

1. Forgetting the pass-phrase
2. Tendency for backup times to increase by 6%