1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-24 08:45:13 +00:00

Clarify using a blank passphrase in keyfile mode

This commit is contained in:
Milkey Mouse 2017-10-25 19:42:02 -07:00
parent 46c071ca47
commit 87a9952f3b
No known key found for this signature in database
GPG key ID: C6EF5A02F5647987

View file

@ -304,7 +304,7 @@ Setting ``BORG_PASSPHRASE``
.. _password_env: .. _password_env:
.. note:: Be careful how you set the environment; using the ``env`` .. note:: Be careful how you set the environment; using the ``env``
command, a ``system()`` call or using inline shell scripts command, a ``system()`` call or using inline shell scripts
(e.g. ``BORG_PASSPHRASE=hunter12 borg ...``) (e.g. ``BORG_PASSPHRASE=hunter2 borg ...``)
might expose the credentials in the process list directly might expose the credentials in the process list directly
and they will be readable to all users on a system. Using and they will be readable to all users on a system. Using
``export`` in a shell script file should be safe, however, as ``export`` in a shell script file should be safe, however, as
@ -328,7 +328,8 @@ Using ``BORG_PASSCOMMAND`` with a properly permissioned file
Using keyfile-based encryption with a blank passphrase Using keyfile-based encryption with a blank passphrase
It is possible to encrypt your repository in ``keyfile`` mode instead of the default It is possible to encrypt your repository in ``keyfile`` mode instead of the default
``repokey`` mode and use a blank passphrase for the key file. See :ref:`encrypted_repos` ``repokey`` mode and use a blank passphrase for the key file (simply press Enter twice
when ``borg init`` asks for the password). See :ref:`encrypted_repos`
for more details. for more details.
Using ``BORG_PASSCOMMAND`` with macOS Keychain Using ``BORG_PASSCOMMAND`` with macOS Keychain