AFP over Internet?

Discussion in 'Mac OS X Server, Xserve, and Networking' started by jackhdev, Jun 29, 2012.

  1. macrumors 6502

    Joined:
    Apr 9, 2011
    Location:
    Bismarck, North Dakota
    #1
    I have a Time Capsule at my house and an iMac at my office. I am able to successfully back up the iMac to the Time Capsule through AFP using Carbon Copy Cloner.

    Here's my question: how secure is this? The backup is to an encrypted disk image. This being so (and the disk image has to be mounted on the iMac first), does this make the traffic encrypted? Second, are the login credentials sent in plain text?

    Thanks.
     
  2. macrumors G4

    Joined:
    Jul 17, 2002
    Location:
    USA
    #2
    As I understand you, you are sending clear data to an encrypted image. Your data will not be encrypted until it reaches its destination. Anyone with the ability to intercept it will be able to read it.
     
  3. thread starter macrumors 6502

    Joined:
    Apr 9, 2011
    Location:
    Bismarck, North Dakota
    #3
    Nah, I looked around and found that the data is encrypted because the DMG is (and the DMG is mounted on the iMac). http://www.cqwen.com/encrypted-disk-images-are-a-perfect-way-to-transport-data/

    Am I right to assume that the AFP login credentials are sent in plain text?
     
  4. macrumors G4

    Joined:
    Jul 17, 2002
    Location:
    USA
    #4
    You have to be clear about what you are doing. If you are sending an encrypted disc image en masse, then of course the data are encrypted because the image in encrypted at its source. This is not what you said. You said that you were sending data to an encrypted image. In that case, the data are not encrypted until they are archived by the Time Capsule.

    So which is it? Are you sending individual files to an encrypted image of Time Capsule or are you sending an encrypted image to the Time Capsule?
     
  5. thread starter macrumors 6502

    Joined:
    Apr 9, 2011
    Location:
    Bismarck, North Dakota
    #5
    I am sending the files to an encrypted disk image on the Time Capsule. Carbon Copy Cloner connects to the Time Capsule over the Internet, mounts the encrypted disk image (located on the Time Capsule), and then copies the individual updated files over. I looked it up and it appears that sending files to an encrypted disk image encrypts the traffic as well.

    Do you know anything about the username and password though? Are those encrypted? Is AFP secure/not secure on a network if you are just logging in (i.e. no Kerberos)? Thanks for your help.
     
  6. macrumors G4

    Joined:
    Jul 17, 2002
    Location:
    USA
    #6
    Clearly your data stream is not encrypted. As for your credentials, Apple has very good credentials encryption. Your may expect your Time Capsule user name and password to be secure.
     
  7. macrumors 65816

    Joined:
    Jan 1, 2008
    #7
    Clearly it is.

    He's mounting the encrypted disk image from the remote computer. The only thing getting transmitted over the Internet is the encrypted version of the disk image. The Time Capsule certainly isn't doing the encryption - the remote iMac is.

    A.
     
  8. macrumors 68030

    Supa_Fly

    Joined:
    May 30, 2002
    Location:
    Toronto, Ontario, Canada
    #8
    I'm curious ... and sorry to hijack this thread, can this (backup over internet) be done without the need for CCC? Can this be done via TimeMachine??
     
  9. thread starter macrumors 6502

    Joined:
    Apr 9, 2011
    Location:
    Bismarck, North Dakota
    #9
    You should be able to, though you would have to mount the share point on the computer first (because Time Machine uses bonjour to find a place to backup, and this does not work over the Internet; you need to help it). You would also have to set up a script to run every hour or so to make sure that the share point is still mounted (though once you tell Time Machine where you are backing up to, it may be able to mount the disk automatically).

    My computer at work is running Mac OS X Server, so I automatically use CCC. Time Machine is not meant for servers and does not back up everything.
     

Share This Page