If you backup over clearnet, then the location of your backup server can be discovered. Port knocking doesn't solve that problem and is not much more secure than RSA keys. Backing up over Tor to a stealth mode hidden service not only hides the location of the backup server, its very existence is deniable, even to anyone who crawls the network and finds its descriptor. Obviously that's a problem if you're backing up gigabytes of data, but there's no simple solution to that. There is no solution that is secure AND fast. kmf, you bring up some goods points, however most dedicated server providers won't do exotic server configurations, like crossover cables, unless you're willing to pay a lot of money. They have preconfigured packages to choose from. Further, a strange setup like that might draw unwanted attention, since I doubt crossover cables and servers with no internet access are common. The same problem exists for colo'ing as you would have to give the technician special instructions. Certainly, there are trade offs to hosting at home. Positives: You don't have to deal with paying for a server/colo anonymously, obfuscating your shipping location, sending your biological data on the server to a remote location, exotic server configurations raising interest or suspicion, capricious third party TOS and AUP, and third parties willing to work with LE (well, you only have to deal with your ISP). Negatives: bandwidth, and if your server is identified, you're fucked. IF you're confident that Tor over Tor and perhaps a few anonymously rented VPSes acting as bridges can protect you, and you have a low bandwidth service, I think it's an excellent option. You can basically host a hidden service for free on some old computers.