http://bjoernstechblog.rueffer.info/posts/timemachine/filevault/mac/2010/06/21/FileVault-and-TimeMachine-over-Network/
last updated on 25 May 2018

21 June 2010

FileVault and TimeMachine over Network

There’s some information available on how to have Apple’s TimeMachine backup facility write to network devices, and also on how to set up encryption for the backup image.

I used the steps provided below (for Leopard, that is) to have TimeMachine back up my hard drive including a FileVault encrypted home directory in such a way that the backup (including the contents of the home folder) can be browsed using the galaxy timeMachine frontend. The backup is contained in an AES-256 encrypted sparsebundle, so the data contained in it is about as safe as in the encrypted FileVault folder on my hard drive.

  1. Create a sparsebundle to be copied to your network drive. It is important to do this on your local hard drive, say in /tmp/; otherwise the creation will fail.

    hdiutil create -size 250g -library SPUD -nospotlight \
        -encryption AES-256 -fs 'HFS+J' -type SPARSEBUNDLE \
        -volname 'Backup of MACHINENAME' -verbose MACHINENAME_001e521fb852.sparsebundle
    

    Replace MACHINENAME with the name of your computer, which is everything before the first dot in the output of uname -n. The number appearing in the file name of the sparsebundle is the MAC address of your Ethernet adapter. You obtain it with ifconfig en0 | grep ether | sed -es/://g. During the creation of the sparsebundle you’ll be asked for a password. Choose something safe and write it down for later. You’ll need this password when you restore files from your backup; without it your backup will be useless.

  2. Copy the sparsebundle to your network share:

     cp -r /tmp/MACHINENAME_001e521fb852.sparsebundle /Volumes/NetworkDrive
    
  3. Mount the newly created image and have Keychain remember your password:

     open /Volumes/NetworkDrive/MACHINENAME_001e521fb852.sparsebundle
    

    Then unmount again.

  4. In Keychain Access, copy and paste the entry for the sparsebundle to your system keychain. If you needed a password to mount /Volumes/NetworkDrive, it might be useful to do the same with those credentials as well. Important: Modify both entries so that they allow unlimited access without you having to enter your Keychain password. This way TimeMachine can work while you are logged out. Probably you can restrict access to just TimeMachine and its helper applications, but I haven’t tried this.

  5. Enable non-supported TimeMachine drives:

    defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1
    
  6. In the TimeMachine Preferences, tell TM not to exclude your mounted home directory from backups, but not to back up /Users/YOURNAME/IMAGEFILE. This way you will be able to browse your personal files using the galaxy frontend. Then point TimeMachine to your network share (/Volumes/NetworkDrive) and let it do the initial backup. From there things should work smoothly. You can check that TimeMachine is backing up to the right location by repeatedly running df -h on the command line.

    Note that while your backup is encrypted, the password for the backup image is, at least in the currently proposed configuration, possibly open to attack on your computer, since the Keychain entries from step 4 can be read without a password prompt. Ideally you would use additional security measures to make sure that you are the only person who can access your computer, e.g. by following some suggestions in Corsaire’s white paper on securing Mac OS X Leopard.
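The file name in step 1 has to be assembled by hand from the host name and the MAC address, so a typo there is easy to make. The following script is an added example, not part of the original post: it derives the name from the output of uname -n and ifconfig en0 and refuses to continue if no valid MAC address is found. The function names and the host-name character check are assumptions made for this example.

```shell
#!/bin/sh
# Added example: derive the sparsebundle file name used in step 1.
# Function names are hypothetical, not part of any Apple tool.

# Everything before the first dot of the node name (uname -n).
short_host() {
    printf '%s\n' "${1%%.*}"
}

# Pull the MAC address out of `ifconfig en0` output and strip the colons.
mac_from_ifconfig() {
    printf '%s\n' "$1" |
        awk '$1 == "ether" { gsub(":", "", $2); print tolower($2); exit }'
}

# Compose MACHINENAME_MAC.sparsebundle; fail on anything unexpected.
bundle_name() {
    host=$(short_host "$1")
    mac=$(mac_from_ifconfig "$2")
    # Conservative assumption: only letters, digits and hyphens in the name.
    case "$host" in
        ''|*[!A-Za-z0-9-]*) echo "unusable host name: '$host'" >&2; return 1 ;;
    esac
    # A MAC address without colons is exactly 12 hex digits.
    if ! printf '%s' "$mac" | grep -Eq '^[0-9a-f]{12}$'; then
        echo "no valid ether line in ifconfig output" >&2
        return 1
    fi
    printf '%s_%s.sparsebundle\n' "$host" "$mac"
}

# On the Mac itself, print the command from step 1 with the name filled in:
#   sh bundle_name.sh --print
if [ "${1:-}" = "--print" ]; then
    name=$(bundle_name "$(uname -n)" "$(ifconfig en0)") || exit 1
    host=$(short_host "$(uname -n)")
    printf '%s\n' "hdiutil create -size 250g -library SPUD -nospotlight \\" \
        "    -encryption AES-256 -fs 'HFS+J' -type SPARSEBUNDLE \\" \
        "    -volname 'Backup of $host' -verbose $name"
fi
```

Run with --print, the script only prints the hdiutil command from step 1; it creates nothing itself.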

Björn Rüffer — Copyright © 2009–2018 — bjoern.rueffer.info