Merge pull request #5115 from ThomasWaldmann/redo-pr-4269

docs: clarify borg init's encryption modes
2025-02-22 06:01:54 +00:00 · 2020-04-21 11:45:40 +02:00 · 2020-04-21 11:45:40 +02:00 · 27a41f5c1f
commit 27a41f5c1f
parent cac301ef25 b5d6e23d84
2 changed files with 18 additions and 5 deletions
--- a/docs/usage/init.rst
+++ b/docs/usage/init.rst
@ -11,7 +11,9 @@ Examples
    $ borg init --encryption=none /path/to/repo

    # Remote repository (accesses a remote borg via ssh)
+    # repokey: stores the (encrypted) key into <REPO_DIR>/config
    $ borg init --encryption=repokey-blake2 user@hostname:backup

-    # Remote repository (store the key your home dir)
+    # Remote repository (accesses a remote borg via ssh)
+    # keyfile: stores the (encrypted) key into ~/.config/borg/keys/
    $ borg init --encryption=keyfile user@hostname:backup
--- a/src/borg/archiver.py
+++ b/src/borg/archiver.py
@ -3629,7 +3629,11 @@ def define_borg_mount(parser):
        It is not recommended to work without encryption. Repository encryption protects
        you e.g. against the case that an attacker has access to your backup repository.

-        But be careful with the key / the passphrase:
+        Borg relies on randomly generated key material and uses that for chunking, id
+        generation, encryption and authentication. The key material is encrypted using
+        the passphrase you give before it is stored on-disk.
+
+        You need to be careful with the key / the passphrase:

        If you want "passphrase-only" security, use one of the repokey modes. The
        key will be stored inside the repository (in its "config" file). In above
@ -3667,6 +3671,12 @@ def define_borg_mount(parser):
        Encryption modes
        ++++++++++++++++

+        You can choose from the encryption modes seen in the table below on a per-repo
+        basis. The mode determines encryption algorithm, hash/MAC algorithm and also the
+        key storage location.
+
+        Example: `borg init --encryption repokey ...`
+
        .. nanorst: inline-fill

        +----------+---------------+------------------------+--------------------------+
@ -3682,7 +3692,8 @@ def define_borg_mount(parser):

        .. nanorst: inline-replace

-        `Marked modes` are new in Borg 1.1 and are not backwards-compatible with Borg 1.0.x.
+        Modes `marked like this` in the above table are new in Borg 1.1 and are not
+        backwards-compatible with Borg 1.0.x.

        On modern Intel/AMD CPUs (except very cheap ones), AES is usually
        hardware-accelerated.
@ -3715,8 +3726,8 @@ def define_borg_mount(parser):
        This mode is new and *not* compatible with Borg 1.0.x.

        `none` mode uses no encryption and no authentication. It uses SHA256 as chunk
-        ID hash. Not recommended, rather consider using an authenticated or
-        authenticated/encrypted mode. This mode has possible denial-of-service issues
+        ID hash. This mode is not recommended, you should rather consider using an authenticated
+        or authenticated/encrypted mode. This mode has possible denial-of-service issues
        when running ``borg create`` on contents controlled by an attacker.
        Use it only for new repositories where no encryption is wanted **and** when compatibility
        with 1.0.x is important. If compatibility with 1.0.x is not important, use