This presumes you have access to an OS X host running sshd, and that you have already configured passphrase-less ssh keys to login to the remote host.

• Login to your remote host
• Create a subdirectory to store your files/mount your encrypted disk image

  • mkdir ~/private

• Create and encrypted sparse bundle image- you MUST specify a large enough size for your expected backups:

  • hdiutil create -encryption -stdinpass -format UDSB -srcfolder private -size 350g encrypted.dmg

• Enter your desired password for the image when prompted
• Test mounting the image via:

  • hdiutil attach -stdinpass -readwrite -mountpoint /Users/[your_username]/private/ /Users/[your_username]/encrypted.dmg.sparsebundle

Onto a script. This is an example:

#!/bin/bash

#set your password
ENCRYPTION_PASS='mypassword'

#Mount the encrypted disk image on the remote system
ssh -i ~username/.ssh/id_dsa username@remotehost.com "/bin/echo -n $ENCRYPTION_PASS | hdiutil attach -stdinpass -readwrite -mountpoint /Users/username/private/ /Users/username/encrypted.dmg.sparsebundle" >> backup.log 2>&1

#rate limited rsync if desired
#rsync --rsh="ssh -i ~username/.ssh/id_dsa" --delete -a --progress --bwlimit=1000 --exclude ".AppleDouble" --exclude ".DS_Store" /c/media/Pictures username@remotehost.com:/Users/username/private/ >> backup.log 2>&1

#not rate limited
rsync -e "ssh -i ~username/.ssh/id_dsa"  --delete --progress -a --exclude ".AppleDouble" --exclude ".DS_Store" /c/media/Pictures username@remotehost.com:/Users/username/private/ >> backup.log 2>&1

#unmount the remote disk image
ssh -i ~username/.ssh/id_dsa username@remotehost.com hdiutil detach /Users/username/private/ >> backup.log 2>&1

#move the log to a log with a date stamp
mv backup.log backup.`date +"%Y_%d_%m_%H_%M"`.log