Hi, first-time poster here, although I've been a happy Linode customer for over a year
I'm considering enrolling one of my Linodes in the Linode Backup Service, but I had a question concerning
Ubuntu's encrypted private directory feature (which I have enabled on that Linode) that I hope somebody could answer for me.
On the link above, which lists some caveats for Ubuntu's encrypted private directory system, it states this: "By design, data is not kept private to privileged users while the user is logged in. One consequence of this is if ~/Private is mounted, a backup solution may backup your decrypted files unless the backup software is configured to exclude files in ~/Private."
Given that the backup service requires that the disk be mountable without any special steps (which it should be, since I believe Ubuntu's encrypted private directory system does file-based encryption), the above caveat should not apply, correct? In other words, the backup service doesn't somehow create a root process on my Linode which reads out files and backs them up? I'm assuming the backup service mounts the disk image in an external environment and then performs the backup file-by-file.
Basically, what I would like to ensure is that the backup service won't back up the unencrypted version of my data. I'm 99% certain that it won't, but if anybody could confirm this, or has had experience with using the backup service with Ubuntu's encrypted directories, I'd appreciate hearing about it!
Thanks in advance!