For a long while now I’ve been looking for a decent & automatic way to protect the data on the multitude of computers I support in my personal life. I’ve been using a hodgepodge of external disks and synchronization software to keep a spare copy of my data, photos, and media, but with the impending birth of my daughter I figure I’m not going to have time or the willingness to mess around with kludgy solutions anymore. I also don’t want to run the risk of data loss when it comes to things my relatives would judge me on. “What do you mean you don’t have the video of her <doing some activity>?”
I stumbled upon CrashPlan a few weeks ago and instantly took a liking to it. The client is free, works on Windows, Mac OS, Linux, and Solaris, and can back up between computers, to drives, and to friends for free, with full encryption support. The paid side of the service is the cloud backup and some advanced features in the client, like “backup sets.” Backup sets are really just multiple source/target/schedule combinations, that’s all, but it’s handy if you want to back your photos up locally but send your documents up to the cloud.
I really like that they have an unlimited data family plan, up to 10 computers, which is pretty inexpensive (like $6 a month) if you decide to pony up for 4 years of service. The downside to that is that it’s one account that can see all the data backed up into it, so if you think that this would be a good way to back up your brother-in-law’s computer you need to make sure you trust that he’s not going to go trolling through all your data. You can set passwords on the local client, though, and passwords & keys on the uploaded data, which trade ease-of-use for more privacy.
The cloud backup part is a little pokey, though. It’s been getting 500 Kbps from a Linux host I have attached to a decent network connection, which means it’s going to take 19 days or so to back up the 100 GB of data I have there. That’s fine if there’s not a lot of change, but might be a problem if I have big files changing regularly. CrashPlan has a seed option, too, where you can pay for a drive to be sent to you with either a restore archive already on it, or for you to create an archive and mail it back. If you’re active duty U.S. military the service is free, just send them an email from your .mil address. Restores seem to be pretty speedy, which is good. Backing up is really about restoring, after all.
One of the other things I’ve always lusted after in my own personal backup solution is heavy-duty encryption. Cloud backups are neat and all but I don’t trust any providers to not turn over my data to the government or other people. The way I’m thinking about running the cloud backup part of Crashplan is where they escrow the encryption keys, and I just provide a password, which means that my keys are in a subpoena-able position. Not that I’m doing anything illegal, but that’s not the point. With the recent U.S. Appeals Court ruling that memorized encryption keys are protected by the U.S. Constitution’s fifth amendment I see the door opened to protecting myself a little more thoroughly, if there isn’t a cloud provider in the middle to wuss out and turn all my stuff over. So here’s what I’ve done.
1. I set up an older low-profile Dell desktop PC to run Windows 7, and added a USB 3.0 card to it. I bought two 3 TB external USB drives and connected them. Using the disk management functions I created a simple volume on each, did not format it, and did not mount it. With Windows 7 you can’t make anything attached via the USB controller a dynamic disk, so if you dream of RAID sets or mirrors you need to do this with internal drives.
2. I installed LogMeIn’s Hamachi software, which is an excellent & free mesh network VPN solution. I’ve been using this to enable Remote Desktop to all my PCs for years, but you can run other things across it, too. I installed this on all the hosts I intend to back up to the target PC, and on the PC itself. You can only have 5 hosts in a mesh layout with the free version, but for me that’s enough. If you need more it’s $20 a year for 32 hosts in a network.
3. I used TrueCrypt to encrypt both external drives. You have two options when doing this, to create a normally-encrypted volume, or a hidden volume. A hidden volume is a volume within a volume, which can be used to pretend that you’ve decrypted the volume for someone, when really there’s another hidden “compartment” of sorts. There is some trickiness to hidden volumes, and I figure if someone comes looking for my data they’ll be able to figure out what I’ve done, so I stuck with normal encrypted volumes. I mounted one drive as Z: and the other one as O:, labeling them “Local Repository” and “Offline Repository” respectively. I created a folder on Z: called “CrashPlan Remote Backups.”
On reboot these volumes won’t auto-mount, because they require the volume passphrase, but with Hamachi & Remote Desktop enabled I can get in remotely to remount them.
I did not write my encryption passphrase down, since the legal protections don’t extend to that. This presents a bit of a problem, if I were to forget it or die or something. Ideally I’ll find a phrase that my wife can remember, too, without writing it down.
4. I set CrashPlan on the PC to call itself “BACKUP_TARGET” and set the amount of allowed CPU usage to 90% at all times (away & present).
In the Inbound backup settings I set the Listen Bind Address to the Hamachi private IP for the host, and changed the default backup archive location to Z:\CrashPlan Remote Backups.
In the Backup settings tab, I configured the Advanced settings for automatic compression (rather than “On” — I’m assuming the client is smart and in automatic mode won’t blindly compress already-compressed file formats).
On the Security settings tab I checked “Require account password to access…” and set the Archive Encryption to “448-bit encryption + password.” Note that when you do this you will never be able to go back down from that, and you won’t be able to reset it if it’s lost. This option means that CrashPlan will escrow the encryption key for you and you gain access to the key via your password. The higher-security option is where you maintain your own encryption key per computer, which is great for compartmentalization and can keep PCs from being able to see each other’s backup data, but is more of an administrative headache. I thought the middle setting was a good tradeoff.
On the Network settings tab I told it to not bind to anything but the Hamachi network adapter. I want all backup traffic going across the VPN. This way, anybody not on my private network cannot communicate with the backup server, either. I also removed all WAN & LAN throughput limits.
5. I installed CrashPlan on all the PCs, set them to have a client password, and disabled inbound backups. I chose the folders I want to back up on each host (usually just the C:\Users directory). On laptops I set it to stop when the battery level reaches 50% (rather than the default 20%, figuring that’ll give us better battery life), and removed the network sending (throughput) limits for the WAN.
In the Backup settings tab, I configured the Advanced settings for automatic compression.
I then went to the Destinations->Computers tab, selected BACKUP_TARGET, and clicked the Start Backup button.
6. When I got a good backup on all the hosts and things were idle I stopped the CrashPlan service on the target PC and synchronized my Z: drive with my O: drive, using Super Flexible File Synchronizer. I then unmounted that and took it to a separate PC where I tested remounting it with TrueCrypt and attaching the archive to the CrashPlan client to make sure I could restore from it. You can do that if you assume the identity of the backup PC when you first install Crashplan. Of course, when I’d assumed the identity on the new PC and wanted to put it back on the backup PC I had to delete the C:\ProgramData\Crashplan\.identity file and restart the client, so it would offer to assume the identity again.
I took the offsite disk to a safe deposit box, along with the power adapter and USB cable.
7. In the medium term I’ll probably purchase another 3 TB external drive and use it to swap out the one in the safe deposit box, reducing the number of trips I need to make. I also intend to measure the amount of changed data every week to see if a monthly remote swapout is okay, or if I should plan to do it more frequently. I am also maintaining a folder with a copy of TrueCrypt and Crashplan software so it’s part of the offline copy, just in case. I may also place a copy of a KeePass archive in there, so my passwords to things are accessible to my wife in case something happens to me.
I also ended up signing up for the 4 year family unlimited plan for CrashPlan Central backups, mainly so I can maintain a backup for my in-laws that way, and if something happens to me my brother knows the password to the accounts. This also gives me some of the advanced features like backup failure notification and backup sets, which I can see myself using in the future.
So far I’ve been pretty happy. Initial backups take forever, even locally, but it’s been pretty solid since. And that’s exactly what I wanted: something I can set & forget. Minus the offsite copy, of course.
- StorageMojo’s Robin Harris has a good post, “How to hide files from the law,” up on ZDNet that goes through the recent U.S. Appeals Court ruling that divulging an encryption key stored in your own memory is protected under the U.S. Constitution’s Fifth Amendment. The Fifth Amendment protects a U.S. citizen from incriminating themselves with their own testimony.
- CrashPlan is obviously at www.crashplan.com.
- TrueCrypt is very cool. Love them, support them.
- Hamachi is very cool, though I know they stole someone’s 18.104.22.168/8 to implement their service.
- I’ve been using Super Flexible File Synchronizer for years. You can certainly use other solutions, from the built-in copy functions to rsync.