mirror of
https://github.com/borgbackup/borg.git
synced 2025-03-15 00:21:56 +00:00
[DOCS] #4883 – Borg documentation downplays severity of Nonce reuse issue
Shorten the log info for deleting/keeping security info. Fix bad wording.
This commit is contained in:
parent
41ecd1ae30
commit
1d9dadd6b7
2 changed files with 6 additions and 8 deletions
|
@ -202,9 +202,10 @@ the working repository to the same location:
|
||||||
A plain delete command would remove the security info in
|
A plain delete command would remove the security info in
|
||||||
``~/.config/borg/security``, including the nonce value. In BorgBackup
|
``~/.config/borg/security``, including the nonce value. In BorgBackup
|
||||||
:ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
|
:ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
|
||||||
working repo was used later for creating new archives, Borg would initialize a
|
working repo was used later for creating new archives, Borg would re-use nonce
|
||||||
fresh nonce, which would be bad for security reasons. To prevent this, the
|
values due to starting from a lower counter value given by the older copy of the
|
||||||
``keep-security-info`` option is applied so that the nonce counter is kept.
|
repository. To prevent this, the ``keep-security-info`` option is applied so
|
||||||
|
that the client-side nonce counter is kept.
|
||||||
|
|
||||||
Can Borg add redundancy to the backup data to deal with hardware malfunction?
|
Can Borg add redundancy to the backup data to deal with hardware malfunction?
|
||||||
-----------------------------------------------------------------------------
|
-----------------------------------------------------------------------------
|
||||||
|
|
|
@ -1212,10 +1212,7 @@ class Archiver:
|
||||||
SecurityManager.destroy(repository)
|
SecurityManager.destroy(repository)
|
||||||
else:
|
else:
|
||||||
logger.info("Would delete repository.")
|
logger.info("Would delete repository.")
|
||||||
if keep_security_info:
|
logger.info("Would %s security info." % ("keep" if keep_security_info else "delete"))
|
||||||
logger.info("Would keep security info.")
|
|
||||||
else:
|
|
||||||
logger.info("Would delete security info.")
|
|
||||||
if not dry_run:
|
if not dry_run:
|
||||||
Cache.destroy(repository)
|
Cache.destroy(repository)
|
||||||
logger.info("Cache deleted.")
|
logger.info("Cache deleted.")
|
||||||
|
@ -3359,7 +3356,7 @@ class Archiver:
|
||||||
you run ``borg compact``.
|
you run ``borg compact``.
|
||||||
|
|
||||||
When you delete a complete repository, the security info and local cache for it
|
When you delete a complete repository, the security info and local cache for it
|
||||||
(if any) is also deleted. Alternatively, you can delete just the local cache
|
(if any) are also deleted. Alternatively, you can delete just the local cache
|
||||||
with the ``--cache-only`` option, or keep the security info with the
|
with the ``--cache-only`` option, or keep the security info with the
|
||||||
``--keep-security-info`` option.
|
``--keep-security-info`` option.
|
||||||
|
|
||||||
|
|
Loading…
Add table
Reference in a new issue