Anyone use a UNIX backup tool that will encrypt the data it stores?

I use rdiff-backup, but its encrypted cousin, duplicity is 16 months old and doesn't look maintained.

I checked out box backup, which seems like a really interesting idea, but I don't know if I want to deal with a client/server type complexity. It seems difficult to restore should something happen to the server machine. Plus I need to change the backup media daily, and it's more suited to fixed, off-site storage.

So I need:

  • daily, snapshot type backups
  • encrypted backup files
  • easy to restore (but still secure) backups
  • incremental backups

I may just end up writing a GPG wrapper around rdiff-backup, as it has everything I want, minus encryption. That would also allow me to store the private keys offsite, away from the servers themselves. box backup requires that the backup server hold its own private key. Hmm, I like this idea. Maybe I'll end up releasing my backup program after I get it working...