diff --git a/borg/archiver.py b/borg/archiver.py index 96993757c..f704f5367 100644 --- a/borg/archiver.py +++ b/borg/archiver.py @@ -1213,7 +1213,7 @@ def build_parser(self, args=None, prog=None): It will change the magic strings in the repository's segments to match the new Borg magic strings. The keyfiles found in $ATTIC_KEYS_DIR or ~/.attic/keys/ will also be converted and - copied to $BORG_KEYS_DIR or ~/.borg/keys. + copied to $BORG_KEYS_DIR or ~/.config/borg/keys. The cache files are converted, from $ATTIC_CACHE_DIR or ~/.cache/attic to $BORG_CACHE_DIR or ~/.cache/borg, but the diff --git a/borg/upgrader.py b/borg/upgrader.py index d836c57aa..2d8856ee7 100644 --- a/borg/upgrader.py +++ b/borg/upgrader.py @@ -137,7 +137,7 @@ def convert_keyfiles(keyfile, dryrun): replacement pattern is `s/ATTIC KEY/BORG_KEY/` in `get_keys_dir()`, that is `$ATTIC_KEYS_DIR` or `$HOME/.attic/keys`, and moved to `$BORG_KEYS_DIR` or - `$HOME/.borg/keys`. + `$HOME/.config/borg/keys`. no need to decrypt to convert. we need to rewrite the whole key file because magic string length changed, but that's not a diff --git a/docs/internals.rst b/docs/internals.rst index 3dbf5da10..fbbef9878 100644 --- a/docs/internals.rst +++ b/docs/internals.rst @@ -358,7 +358,7 @@ Key files --------- When initialized with the ``init -e keyfile`` command, |project_name| -needs an associated file in ``$HOME/.borg/keys`` to read and write +needs an associated file in ``$HOME/.config/borg/keys`` to read and write the repository. The format is based on msgpack_, base64 encoding and PBKDF2_ SHA256 hashing, which is then encoded again in a msgpack_. diff --git a/docs/quickstart.rst b/docs/quickstart.rst index 42d196181..4e0d7b5c3 100644 --- a/docs/quickstart.rst +++ b/docs/quickstart.rst @@ -167,7 +167,7 @@ is being made. protection. The repository server never sees the plaintext key. ``keyfile`` mode - The key is stored on your local disk (in ``~/.borg/keys/``). + The key is stored on your local disk (in ``~/.config/borg/keys/``). Use this mode if you want "passphrase and having-the-key" security. In both modes, the key is stored in encrypted form and can be only decrypted diff --git a/docs/usage.rst b/docs/usage.rst index b025af412..22e783f32 100644 --- a/docs/usage.rst +++ b/docs/usage.rst @@ -85,7 +85,7 @@ Some automatic "answerers" (if set, they automatically answer confirmation quest Directories: BORG_KEYS_DIR - Default to '~/.borg/keys'. This directory contains keys for encrypted repositories. + Default to '~/.config/borg/keys'. This directory contains keys for encrypted repositories. BORG_CACHE_DIR Default to '~/.cache/borg'. This directory contains the local cache and might need a lot of space for dealing with big repositories). @@ -203,9 +203,9 @@ be stored inside the repository (in its "config" file). In above mentioned attack scenario, the attacker will have the key (but not the passphrase). If you want "passphrase and having-the-key" security, use the ``keyfile`` mode. -The key will be stored in your home directory (in ``.borg/keys``). In the attack -scenario, the attacker who has just access to your repo won't have the key (and -also not the passphrase). +The key will be stored in your home directory (in ``.config/borg/keys``). In +the attack scenario, the attacker who has just access to your repo won't have +the key (and also not the passphrase). Make a backup copy of the key file (``keyfile`` mode) or repo config file (``repokey`` mode) and keep it at a safe place, so you still have the key in @@ -411,15 +411,15 @@ Examples Initializing repository at "/mnt/backup" Enter passphrase (empty for no passphrase): Enter same passphrase again: - Key file "/home/USER/.borg/keys/mnt_backup" created. + Key file "/home/USER/.config/borg/keys/mnt_backup" created. Keep this file safe. Your data will be inaccessible without it. # Change key file passphrase $ borg change-passphrase /mnt/backup - Enter passphrase for key file /home/USER/.borg/keys/mnt_backup: + Enter passphrase for key file /home/USER/.config/borg/keys/mnt_backup: New passphrase: Enter same passphrase again: - Key file "/home/USER/.borg/keys/mnt_backup" updated + Key file "/home/USER/.config/borg/keys/mnt_backup" updated .. include:: usage/serve.rst.inc