This is the current script that backups the PCGamgingWiki (My other projet), I'm posting it here since I never found another script like it across the internet. Its very simple, uses a RSA 4096bit Key, keep the public key on the server, and keep the private key in a safe place :) in short, its a Encrypted Backup Script / System
ionice -c3 -p$$ renice 19 $$ cd /backup mysqldump --all-databases -u root --password='##PASSWORD##' > /backup/pcgamingwiki-main-database.sql apt-get clean apt-get -y autoremove apt-get clean cd /backup NOW=$(date +"%F") ARCHIVE="pcgwiki-backup-$NOW.7z" ENCRYPT="pcgwiki-backup-$NOW.7z.aes256" 7za a $ARCHIVE -y /var/www /backup/pcgamingwiki-main-database.sql /home /etc/nginx /etc/cherokee echo "1) openssl rsautl -in aes-key.ssl -out aes-key -decrypt -inkey /backup/private.pem" > backuptips.txt echo "2) openssl enc -d -aes-256-cbc -salt -in sz-backup-2011-10-31.7z.aes256 -out sz-backup-2011-10-31.7z -pass file:/backup/temp/aes-key" >> backuptips.txt wget 'http://www.random.org/cgi-bin/randbyte?nbytes=500&format=f' -O aes-key openssl enc -aes-256-cbc -salt -in $ARCHIVE -out $ENCRYPT -pass file:/backup/aes-key openssl rsautl -encrypt -inkey public.key -pubin -in aes-key -out aes-key.ssl par2 c -v $ENCRYPT $ENCRYPT par2 c -v aes-key.ssl aes-key.ssl shred -u $ARCHIVE dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 dd if=/dev/urandom of=/backup/aes-key bs=10 count=500 shred -u aes-key echo "==================================" >> ./backuptips.txt sha512sum /backup/* >> ./backuptips.txt zip $ARCHIVE.zip *.par2 aes-key.ssl ./$ENCRYPT ./backuptips.txt shred -u ./backuptips.txt shred -u *.par2 shred -u $ENCRYPT shred -u *.ssl shred -u /backup/pcgamingwiki-main-database.sql cp -f $ARCHIVE.zip /backup/store/$ARCHIVE.zip shred -u $ARCHIVE.zip chmod 555 /backup/store/$ARCHIVE.zip find /backup/store/*.zip -mtime +10 -exec chmod 777 {} \; find /backup/store/*.zip -mtime +10 -exec rm -vf {} \; php /var/www/maintenance/dumpBackup.php --full --output=bzip2:/var/www/dumps/pcgwiki-full-xml-$NOW.bz2 find /var/www/dumps/*.bz2 -mtime +10 -exec chmod 777 {} \; find /var/www/dumps/*.bz2 -mtime +10 -exec rm -vf {} \;