FWIW, I do a nightly backup across the network to another computer. Nothing fancy: cd /home tar -czf - bill | openssl enc -e -aes256 -pbkdf2 -out secured.tar.gz -pass file:bill/secreat -out $Duh_Plack secreat is just a text file with a password, I figure if they've gotten that far into the machine why be super security conscious since it's pretty much a moot point. $Duh_Plack is a location on a NFS machine. BTW, I have the last 14 days filed away there. Every so often I will dump all of this stuff onto a 5TB USB drive (some stuff is re-encoded with a different manually input password, and put it into a locked container in my storage area down the hall, I live in a condo complex with lots and lots of overhead sprinklers. Generally speaking if I'm gone for more than a couple of days (or when I do the snowbird thing) I'll dump it off to a different 5TB drive, again some of it is encoded, and put that into a day-pack I carry. The 5TB drives have encoding done because I might lose control of the physical medium somewhere along the line. My house, before I moved to the condo, was burglarized while I was gone for the winter and they stole all of the stored paperwork (tax returns, birth certificate, etcetera). Along with lots of other stuff from inside the house, like computers. So there's plenty of stuff to consider...