mirror of
https://github.com/borgbackup/borg.git
synced 2025-02-20 21:27:32 +00:00
update docs, remove references to passphrase mode
parent
815d2e23ce
commit
1fc99ec9cd
2 changed files with 11 additions and 9 deletions
|
@ -344,7 +344,12 @@ To reduce payload size, only 8 bytes of the 16 bytes nonce is saved in the
|
|||
payload, the first 8 bytes are always zeros. This does not affect security but
|
||||
limits the maximum repository capacity to only 295 exabytes (2**64 * 16 bytes).
|
||||
|
||||
Encryption keys are either derived from a passphrase or kept in a key file.
|
||||
Encryption keys (and other secrets) are kept either in a key file on the client
|
||||
('keyfile' mode) or in the repository config on the server ('repokey' mode).
|
||||
In both cases, the secrets are generated from random and then encrypted by a
|
||||
key derived from your passphrase (this happens on the client before the key
|
||||
is stored into the keyfile or as repokey).
|
||||
|
||||
The passphrase is passed through the ``BORG_PASSPHRASE`` environment variable
|
||||
or prompted for interactive usage.
|
||||
|
||||
|
|
|
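Review bot: the added paragraph says the secrets are "encrypted by a key derived from your passphrase" but never names the key derivation function or its parameters, and "generated from random" does not say what the random source is. The surrounding text documents the payload down to the nonce size, so the key handling should be described at the same level of detail. As a style point, 'keyfile' and 'repokey' are in single quotes here while the other hunks in this commit write ``repokey`` as a literal; use the same markup in both places.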
@ -198,12 +198,7 @@ an attacker has access to your backup repository.
|
|||
|
||||
But be careful with the key / the passphrase:
|
||||
|
||||
``--encryption=passphrase`` is DEPRECATED and will be removed in next major release.
|
||||
This mode has very fundamental, unfixable problems (like you can never change
|
||||
your passphrase or the pbkdf2 iteration count for an existing repository, because
|
||||
the encryption / decryption key is directly derived from the passphrase).
|
||||
|
||||
If you want "passphrase-only" security, just use the ``repokey`` mode. The key will
|
||||
If you want "passphrase-only" security, use the ``repokey`` mode. The key will
|
||||
be stored inside the repository (in its "config" file). In above mentioned
|
||||
attack scenario, the attacker will have the key (but not the passphrase).
|
||||
|
||||
|
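Review bot: removing the whole DEPRECATED paragraph leaves no guidance for users whose existing repository was created with ``--encryption=passphrase``. The removed text says the mode "will be removed in next major release", so unless that removal has already happened, keep a one-line note that the mode is deprecated and that ``repokey`` is the replacement. Separately, in the unchanged line "the attacker will have the key (but not the passphrase)", what the attacker holds is the passphrase-encrypted key; writing "the encrypted key" would agree with "encrypted with / locked by your passphrase" further down.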
@ -220,8 +215,10 @@ The backup that is encrypted with that key won't help you with that, of course.
|
|||
Make sure you use a good passphrase. Not too short, not too simple. The real
|
||||
encryption / decryption key is encrypted with / locked by your passphrase.
|
||||
If an attacker gets your key, he can't unlock and use it without knowing the
|
||||
passphrase. In ``repokey`` and ``keyfile`` modes, you can change your passphrase
|
||||
for existing repos.
|
||||
passphrase.
|
||||
|
||||
You can change your passphrase for existing repos at any time, it won't affect
|
||||
the encryption/decryption key or other secrets.
|
||||
|
||||
|
||||
.. include:: usage/create.rst.inc
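Review bot: the new sentence "You can change your passphrase for existing repos at any time, it won't affect the encryption/decryption key or other secrets" should spell out the consequence. Because the key itself stays the same, a passphrase change does not protect the data against someone who already holds an older copy of the key file or repository config together with the old passphrase. The sentence also no longer says which modes it applies to (the line it replaces named ``repokey`` and ``keyfile``) and does not name the command to use. The comma splice reads better as two sentences.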