So a friend and I had an idea about doing secure backups to each other's home computers over the Cox network. We came up with the following qualifications:
1) Transmission between computers is secure.
2) Privacy maintained, one can not view contents of the other's backup.
3) Backups should be efficient and take minimal time to complete.
To meet these qualifications we devised the following plan.
1) Utilize OpenVPN to encrypt data traversing the Cox network.
2) Encrypt data using dm-mapper or cryptoloop on the local computer, before transmission over the network.
3) Utilize rdiff-backup, or similar technology, to transmit only differentials when a file changes, not the entire file.
VPN
We created a VPN using OpenVPN and used ip addresses 10.6.0.2 and 10.6.0.1.
Target Media
Bonus: the remote side uses LVM to create a volume which can be expanded to accomodate the backup should it overtake current storage allocation. This requires the use of a filesystem which can grow. The remote side offers an iSCSI target for the local computer to attach to. 10.6.0.1 offers target 10.6.0.2 logs in to target. The target is assigned device sdc.
Encryption
dm-crypt is used to create an encrypted device on the local computer. The local computer then formats this encrypted device with the ext3 filesystem. Ext3 is used for it's ability to grow in response to the backup's space requirements.
Backup
The first backup is peformed using a straight file copy. Subsequent backups are made using rdiff-backup which transmits only differentials.