Document that passphrase is used for Borg keyfile encryption, not just repokey encryption (#373).
This commit is contained in:
parent
c0ae01f5d5
commit
41bf520585
3 changed files with 11 additions and 10 deletions
1
NEWS
1
NEWS
|
@ -1,4 +1,5 @@
|
||||||
1.5.13.dev0
|
1.5.13.dev0
|
||||||
|
* #373: Document that passphrase is used for Borg keyfile encryption, not just repokey encryption.
|
||||||
* Drop support for Python 3.5, which has been end-of-lifed.
|
* Drop support for Python 3.5, which has been end-of-lifed.
|
||||||
* Update versions of test dependencies (test_requirements.txt and test containers).
|
* Update versions of test dependencies (test_requirements.txt and test containers).
|
||||||
* Only support black code formatter on Python 3.8+. New black dependencies make installation
|
* Only support black code formatter on Python 3.8+. New black dependencies make installation
|
||||||
|
|
|
@ -185,19 +185,19 @@ map:
|
||||||
desc: |
|
desc: |
|
||||||
The standard output of this command is used to unlock the
|
The standard output of this command is used to unlock the
|
||||||
encryption key. Only use on repositories that were
|
encryption key. Only use on repositories that were
|
||||||
initialized with passcommand/repokey encryption. Note that
|
initialized with passcommand/repokey/keyfile encryption. Note
|
||||||
if both encryption_passcommand and encryption_passphrase are
|
that if both encryption_passcommand and encryption_passphrase
|
||||||
set, then encryption_passphrase takes precedence. Defaults
|
are set, then encryption_passphrase takes precedence.
|
||||||
to not set.
|
Defaults to not set.
|
||||||
example: "secret-tool lookup borg-repository repo-name"
|
example: "secret-tool lookup borg-repository repo-name"
|
||||||
encryption_passphrase:
|
encryption_passphrase:
|
||||||
type: str
|
type: str
|
||||||
desc: |
|
desc: |
|
||||||
Passphrase to unlock the encryption key with. Only use on
|
Passphrase to unlock the encryption key with. Only use on
|
||||||
repositories that were initialized with passphrase/repokey
|
repositories that were initialized with
|
||||||
encryption. Quote the value if it contains punctuation, so
|
passphrase/repokey/keyfile encryption. Quote the value if it
|
||||||
it parses correctly. And backslash any quote or backslash
|
contains punctuation, so it parses correctly. And backslash
|
||||||
literals as well. Defaults to not set.
|
any quote or backslash literals as well. Defaults to not set.
|
||||||
example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
|
example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
|
||||||
checkpoint_interval:
|
checkpoint_interval:
|
||||||
type: int
|
type: int
|
||||||
|
|
|
@ -139,8 +139,8 @@ configuration](https://torsion.org/borgmatic/docs/how-to/upgrade/#upgrading-your
|
||||||
|
|
||||||
### Encryption
|
### Encryption
|
||||||
|
|
||||||
If you encrypt your Borg repository with a passphrase instead of a key file,
|
If you encrypt your Borg repository with a passphrase or a key file, you'll
|
||||||
you'll either need to set the borgmatic `encryption_passphrase` configuration
|
either need to set the borgmatic `encryption_passphrase` configuration
|
||||||
variable or set the `BORG_PASSPHRASE` environment variable. See the
|
variable or set the `BORG_PASSPHRASE` environment variable. See the
|
||||||
[repository encryption
|
[repository encryption
|
||||||
section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption)
|
section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption)
|
||||||
|
|
Loading…
Reference in a new issue