[Borgbackup] Rationale for keeping a copy of the repo key
d0
public at enkore.de
Wed May 19 12:23:24 EDT 2021
Encryption keys have a tremendous amount of error leverage (similar to
filesystem metadata, but harder to fix when corrupted): corrupting a very
small amount of data makes a very large amount of data unusable.
So it makes sense to have a backup here.
Cheers, Marian
Am Mi., 19. Mai 2021 um 17:48 Uhr schrieb Jonas Olson <jolson at kth.se>:
> It is recommended [0] that one stores a copy of the encrypted repo key
> in a safe place. Naively, this would seem unnecessary, as it is stored
> in the repository and no copy is normally needed. Is the reasoning that,
> in case of filesystem corruption, you still have some chance of saving
> parts of the backup as long as the key is safe? The documentation
> doesn't spell it out, as far as I have been able to see, and I'd like to
> make sure I understand it correctly.
>
> Regards,
> Jonas Olson
>
> [0] "Make a backup copy of the key file (keyfile mode) or repo config
> file (repokey mode) and keep it at a safe place, so you still have the
> key in case it gets corrupted or lost. Also keep the passphrase at a
> safe place. The backup that is encrypted with that key won’t help you
> with that, of course."
> <https://borgbackup.readthedocs.io/en/stable/usage/init.html>
> _______________________________________________
> Borgbackup mailing list
> Borgbackup at python.org
> https://mail.python.org/mailman/listinfo/borgbackup
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.python.org/pipermail/borgbackup/attachments/20210519/01a039cf/attachment.html>
More information about the Borgbackup
mailing list