65

I want to save a backup of my data on a remote server, but never want the backup server to see the data unencrypted.

Editing a single file and backing up should not result in everything being encrypted and sent again.

The remote server should preferably not even know the directory structure (and especially not the directory names).

Is there such a solution?

Giacomo1968
  • 58,727

8 Answers

33

The best thing around is Duplicity. The only drawback is that it does not handle hardlinks.

Another solution is Tartarus, which can be piped through GPG and FTP/SSH directly to a backup server. It does incrementals.

Here are Tartarus instructions, in German.

Gunstick
  • 346
16

I think you'll like rsyncrypto.

Use rsyncrypto to encrypt files from your plaintext directory to your encrypted directory, and decrypt files from your encrypted directory and your plaintext directory, using keys that you keep locally.

Use rsync to synchronize between your encrypted directory and the remote host.

The rsyncrypto implementation you can download now from Sourceforge not only handles changes in bytes, but also insertions and deletions.

With rsyncrypto, the encryption keys never leave the local computer.

"The remote server should preferably not even know the directory structure"

In that case, you'll want to use the --name-encrypt=map option. That makes each encrypted file name a random string of characters, and by default all mangled file names are stored in a single directory. The true file names and folder names are stored in the (encrypted) file named "filemap".

Related: "Is there an encrypted version control system?"
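The question's requirements (only changed files are re-sent, the server sees no directory or file names) and the flat directory of mangled names described for --name-encrypt=map can be sketched as an upload plan. This is an added example, not rsyncrypto's code or part of the answer above: it derives names with a keyed HMAC rather than rsyncrypto's random strings, and `opaque_name`, `scan`, `plan`, the key and the sample tree are constructed for illustration. Encrypting the file contents and the manifest (which holds the real paths, like "filemap") is assumed to be done by a separate tool before anything leaves the machine.

```python
import hashlib, hmac, os, tempfile

def opaque_name(key: bytes, rel_path: str) -> str:
    """Keyed, fixed-length name: reveals neither the path nor its depth."""
    return hmac.new(key, rel_path.encode("utf-8"), hashlib.sha256).hexdigest()[:32]

def scan(root: str, key: bytes) -> dict:
    """Local manifest {relative path: (opaque name, SHA-256 of content)}."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            manifest[rel] = (opaque_name(key, rel), digest)
    return manifest

def plan(old: dict, new: dict):
    """Opaque names to (re)encrypt and upload, and names to delete remotely."""
    upload = sorted(name for path, (name, digest) in new.items()
                    if old.get(path) != (name, digest))
    live = {name for name, _ in new.values()}
    delete = sorted(name for name, _ in old.values() if name not in live)
    return upload, delete

def demo():
    key = b"constructed-demo-key-keep-real-one-local"  # constructed sample key
    with tempfile.TemporaryDirectory() as root:        # constructed sample tree
        os.makedirs(os.path.join(root, "taxes", "2023"))
        for rel, data in [("taxes/2023/return.txt", b"v1"), ("notes.txt", b"hello")]:
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        first = scan(root, key)
        with open(os.path.join(root, "notes.txt"), "wb") as fh:
            fh.write(b"hello, edited")                 # edit a single file
        second = scan(root, key)
    return first, second, plan({}, first), plan(first, second)

if __name__ == "__main__":
    first, second, initial, incremental = demo()
    print("initial upload:", initial[0])
    print("after one edit:", incremental[0])
```

Because the name depends on the path, a renamed file gets a new opaque name and is uploaded again under this scheme.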

12

In recent years, Rclone has been developed. Its motto is "rsync for cloud storage" but beyond things like S3/Azure/Google/etc. cloud storage providers, it also supports syncing between local and SSH/SFTP targets.

Any "remote" you configure, you can also add a crypt wrapper around it. This acts as the original remote, but the contents of all your files (and optionally the file names themselves) get encrypted on the client side. The algorithm is documented, and it's been a generally seamless process in my experience so far.

natevw
  • 840
9

2020: Borg Backup seems to be the alternative.

It seems mature and maintained, and has the requested feature set.

Github Link for Borg Backup

Kound
  • 211
5

You can use EncFS in "inverse" mode. This gives you an encrypted "view" of a local folder. Then you Rsync this encrypted view instead of the unencrypted data.

This gives you all advantages of rsync without the need to have an encrypted copy of your data.

Giacomo1968
  • 58,727
1

You can also use encfs to back up to a remote or local drive encrypted and have the individual files available to you to access.

We have an NFS-shared drive and to back up my emails encrypted to that drive I did this:

First mount the remote drive (create all necessary directories as needed):

sudo mount -t nfs -o noatime,nodiratime,relatime,rsize=131072,wsize=131072  192.168.1.5:/mnt/2TBEXTERNAL/media /mnt/nfs/media

Then use encfs to create a folder on it, linking your local drive folder to that remote folder. Note that the idle=30 disconnects the link if idle for more than 30 minutes. A good security measure IMHO.

encfs --idle=30 /mnt/nfs/media/BACKUP/.thunderbird-raw /home/turgut/.thunderbird-backup

Now Rsync files encrypted to the NFS mount:

rsync -arvhui  /home/turgut/.thunderbird /home/turgut/.thunderbird-backup

Whenever you want to back up again, repeat the commands.

To restore you can use the opposite:

rsync -arvhui /home/turgut/.thunderbird-backup /home/turgut

It's obviously slower than regular Rsync, but it offers instant access to your files and everything is encrypted on the remote drive.

Giacomo1968
  • 58,727
1

The tool nFreezer is made exactly for this purpose. Example usage:

nfreezer backup test/ user@192.168.0.2:/test/          # Linux
nfreezer backup "D:\My docs\" user@192.168.0.2:/test/  # Windows

The data is encrypted locally and never decrypted on the remote computer.

Some other tools have similar features, but rarely handle file renames / moves gracefully by avoiding retransferring the data.

(Disclaimer: I'm the author).

Basj
  • 2,143
-1

I found this tutorial with gocryptfs useful (I am NOT the author): https://www.baeldung.com/linux/rsync-encrypted-remote-backups

Nico
  • 11