Use rsyncrypto to generate opaque version of secret files, so system can be backed up by non-root remote user.
Shell
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
README
do-rsyncrypto
do-rsyncrypto.user

README

  Rsnapshot - Rsyncrypto integration README
  -----------------------------------------

Suppose you want to use rsnapshot to backup host A onto host B's
storage.  The standard configurations all require a passwordless
remote root ssh log-in, because rsnapshot really wants to be root on
both the source and destination machines.  There are facilities for
limiting what the remote root can do, but the idea might still give
you the heebie-jeebies.

Here's an alternative solution: rsnapshot runs as root on host B, but
pulls from host A as a non-root user.  This user, by definition, can
only succesfully backup world-readable (or group-readable for the
right group) files.  To facilitate backing up other files, a cron job
on host A users rsyncrypto to make encrypted but publicly-readable
versions of the non-world-readable files.  The cyphertext copies are
then backed up remotely by rsnapshot.

Benefits:
 * No need for remote root log in anywhere
 * Host A can keep file contents secret from host B

Disadvantages:
 * There's an extra step in restoring from rsnapshot:  The snapshot 
   contains the cyphertext, you have to use the rsyncrypto tools to 
   recover the plain text.
 * You have to manage the rsyncrypto keys.  If host A fully trusts 
   host B, the keys can be backed up as part of rsnapshot's normal 
   operation, but otherwise host A needs a separate key backup.

It's not perfect, but it's a workable approach.

User FOO's crontab:

  MAILTO=""
  # m h  dom mon dow   command
  45 * * * * /home/FOO/bin/do-rsyncrypto.user


Root's crontab:
  # m h  dom mon dow   command
  MAILTO=""
  45 * * * *      root    /root/do-rsyncrypto


The files do-rsyncrypto and do-rsyncrypto.user are part of this Git
repository.  They're just templates; your configuration will probably
differ.  There's one main gotcha with the rsyncrypto configuration:
You must make sure that the cyphertext files are NOT included in
rsyncrypto's backups, or else you'll have (exponentially many)
encrypted backups of your encrypted backups of...

--
Eric Anderson
http://www.ece.cmu.edu/~andersoe/