[Borgbackup] Subject: Re: FW: Local backup media file system corrupt. Best way to recover?
Thomas Waldmann
tw at waldmann-edv.de
Tue Nov 8 11:43:38 EST 2022
> 2. I also have an off-site Borg repository which was still intact
> 3. Rather than creating a new local repository, I asked whether it was
> possible to copy the off-site repository
You cannot use the same repo with same key material at 2 places, that
is not secure because of nonce reuse.
Practically you could hack the repo id of one repo (like +1), but the
security problem does not go away by that.
> 4. I was informed that it was possible to copy the off-site repository
I assumed you have a repo-copy that was just a copy (like rclone /
rsync) and NOT also used with borg on the remote site.
> 7. However, when I tried to update the off-site repository, that action
> failed because:
> "Borg: Cache, or information obtained from the security directory is
> newer than repository - this is either an attack or unsafe (multiple
> repos with same ID)"
That is because you used 2 repos with the same ID with borg.
> What is not clear to me, is whether it is possible to change the
> repository ID of the local Borg repository which I have copied?
That would make it work, but it would not be cryptographically secure
any more.
> And if it is possible to change the repository ID, what are the steps?
Make sure that repo_dir/config always has a unique ID (if you create a
new repo, a random number is used. If you hack it manually, you can just
do +1).
After that, better delete the cache of both repos:
borg delete --cache-only repo1
borg delete --cache-only repo2
First borg op after that will take a while, but it will clean up any
mess that there might be now due to the duplicate IDs.
> I can't see any option with init to change the repository ID.
There is no such option because that is not secure. It just solves the
issue that borg confuses the 2 repos because it would use the same
config and cache path, but it does not solve the AES nonce reuse issue.
BTW, borg2 will fix the AES-CTR mode issues by not using AES-CTR any
more, so things will get a bit easier. E.g. you will be able to use
"borg transfer" to efficiently transfer an archive from one repo to
another related repo.
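
Added example (not part of the original message and not Borg's code): a simplified model of why two copies of a repo that share key material and nonce state reuse CTR keystream even after one copy gets a new ID. The Repo class, its field names and all values are constructed for illustration, and HMAC-SHA256 stands in for the AES block function so the block runs with the standard library only.

```python
import hashlib
import hmac

def ctr_keystream(key: bytes, nonce: int, length: int) -> bytes:
    """CTR-style keystream: PRF(key, counter) per block, counter starts at nonce.
    HMAC-SHA256 is a stand-in for the AES block function (assumption)."""
    out = b""
    counter = nonce
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(16, "big"), hashlib.sha256).digest()[:16]
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Repo:
    """Simplified model of a repo: an ID, key material, next free nonce counter."""
    def __init__(self, repo_id: int, key: bytes, next_nonce: int = 0):
        self.repo_id, self.key, self.next_nonce = repo_id, key, next_nonce

    def copy_with_new_id(self, new_id: int) -> "Repo":
        # A file-level copy duplicates key and nonce state; only the ID changes.
        return Repo(new_id, self.key, self.next_nonce)

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes]:
        nonce = self.next_nonce
        self.next_nonce += -(-len(plaintext) // 16)   # reserve the blocks used
        return nonce, xor(plaintext, ctr_keystream(self.key, nonce, len(plaintext)))

def nonce_ranges_overlap(n1: int, c1: bytes, n2: int, c2: bytes) -> bool:
    """True if two ciphertexts under one key share any counter value."""
    end1 = n1 + -(-len(c1) // 16)
    end2 = n2 + -(-len(c2) // 16)
    return n1 < end2 and n2 < end1

def demo():
    offsite = Repo(repo_id=1000, key=b"k" * 32, next_nonce=42)   # constructed
    local = offsite.copy_with_new_id(1001)                       # the "+1" ID edit
    p1 = b"offsite chunk: payroll 2022-11.."
    p2 = b"local chunk:   holiday photos..."
    n1, c1 = offsite.encrypt(p1)
    n2, c2 = local.encrypt(p2)
    # Same key and same counters: the keystream cancels out, so the XOR of the
    # two ciphertexts equals the XOR of the two plaintexts. The ID plays no part.
    return n1, n2, xor(c1, c2) == xor(p1, p2), nonce_ranges_overlap(n1, c1, n2, c2)

if __name__ == "__main__":
    print(demo())
```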