1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-23 16:26:29 +00:00
borg/docs/man/borg-key-change-algorithm.1

94 lines
2.7 KiB
Groff
Raw Normal View History

2022-04-14 19:13:46 +00:00
.\" Man page generated from reStructuredText.
.
.TH BORG-KEY-CHANGE-ALGORITHM 1 "2022-04-14" "" "borg backup tool"
.SH NAME
borg-key-change-algorithm \- Change repository key algorithm
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.SH SYNOPSIS
.sp
borg [common options] key change\-algorithm [options] [REPOSITORY] ALGORITHM
.SH DESCRIPTION
.sp
Change the algorithm we use to encrypt and authenticate the borg key.
.sp
Important: In a \fIrepokey\fP mode (e.g. repokey\-blake2) all users share the same key.
In this mode upgrading to \fIargon2\fP will make it impossible to access the repo for users who use an old version of borg.
We recommend upgrading to the latest stable version.
.sp
Important: In a \fIkeyfile\fP mode (e.g. keyfile\-blake2) each user has their own key (in \fB~/.config/borg/keys\fP).
In this mode this command will only change the key used by the current user.
If you want to upgrade to \fIargon2\fP to strengthen security, you will have to upgrade each user\(aqs key individually.
.sp
Your repository is encrypted and authenticated with a key that is randomly generated by \fBborg init\fP\&.
The key is encrypted and authenticated with your passphrase.
.sp
We currently support two choices:
.INDENT 0.0
.IP 1. 3
argon2 \- recommended. This algorithm is used by default when initialising a new repository.
The key encryption key is derived from your passphrase via argon2\-id.
Argon2 is considered more modern and secure than pbkdf2.
.IP 2. 3
pbkdf2 \- the legacy algorithm. Use this if you want to access your repo via old versions of borg.
The key encryption key is derived from your passphrase via PBKDF2\-HMAC\-SHA256.
.UNINDENT
.sp
Examples:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
# Upgrade an existing key to argon2
borg key change\-algorithm /path/to/repo argon2
# Downgrade to pbkdf2 \- use this if upgrading borg is not an option
borg key change\-algorithm /path/to/repo pbkdf2
.ft P
.fi
.UNINDENT
.UNINDENT
.SH OPTIONS
.sp
See \fIborg\-common(1)\fP for common options of Borg commands.
.SS arguments
.sp
REPOSITORY
.INDENT 0.0
.TP
.B ALGORITHM
select key algorithm
.UNINDENT
.SH SEE ALSO
.sp
\fIborg\-common(1)\fP
.SH AUTHOR
The Borg Collective
.\" Generated by docutils manpage writer.
.