I’ve just pushed to launchpad, a set of patches that implement AES encryption support for MySQL Online Backup. You will need to build –with-ssl to get support for encrypted online backup.
Encrypted backup files have no recognisable header – they’re just a stream of random bytes. Encryption and compression also works, and when you encrypt, you should also use compression (compress first, then encrypt).
Source tree: https://code.launchpad.net/~stewart-flamingspork/mysql-server/stew-encrypted-backup-preview1
Bzr command: bzr branch lp:~stewart-flamingspork/mysql-server/stew-encrypted-backup-preview1
Thread on internals@ with patchset: http://lists.mysql.com/internals/35759
Build instructions: be sure to ./configure –with-ssl
Example usage:
- BACKUP DATABASE test TO ‘test.ba’ ENCRYPTION_ALGORITHM=aes PASSWORD=’pants’;
- BACKUP DATABASE test TO ‘test1.ba’ WITH COMPRESSION COMPRESSION_ALGORITHM=gzip ENCRYPTION_ALGORITHM=aes PASSWORD=’pants’;
- RESTORE FROM ‘test.ba’ ENCRYPTION_ALGORITHM=aes PASSWORD=’pants’;
- RESTORE FROM ‘test1.ba’ ENCRYPTION_ALGORITHM=aes PASSWORD=’pants’;
UPDATE: preview1 is no more, preview2 is now out, contains extra stuff (see next blog post)
[...] – bookmarked by 2 members originally found by pasq242 on 2008-07-20 MySQL Encrypted Online Backup Preview 1 http://www.flamingspork.com/blog/2008/07/01/mysql-encrypted-online-backup-preview-1/ – bookmarked [...]
[...] Australian Senior Software Engineer Stewart Smith has already mentioned it a few months ago in his blog. There’s a preview that you can download on the online backup pages. It’s probably [...]
Is this so no one else can read up on what you have stored in your online backup?
-Jack
yep. it means that without the passphrase, you cannot access the contents of the backup – and the backup file just looks like random gibberish without the decription key