Home Explore Help
Sign In
mirrors
/
borg
mirror of https://github.com/borgbackup/borg
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

[DOCS] #3428 – Borg repo restore instructions needed

Adapt FAQ to the new delete option.
Thalian 5 years ago
parent
92b577e46f
commit
41ecd1ae30
2 changed files with 15 additions and 26 deletions
Unified View Show Diff Stats
  1. 13 26
      docs/faq.rst
  2. 2 0
      docs/internals/security.rst

+ 13 - 26
docs/faq.rst
View File 

@@ -187,37 +187,24 @@ all the part files and manually concatenate them together.
 
 
 
 For more details, see :ref:`checkpoints_parts`.
 
 For more details, see :ref:`checkpoints_parts`.
 
 
 
-My repository is corrupt, how can I restore from an older but working repository?
 
----------------------------------------------------------------------------------
 
+My repository is corrupt, how can I restore from an older copy of it?
 
+---------------------------------------------------------------------
 
 
 
-If the working repo has the same ID as the corrupt one, the recommended method
 
-is to delete the corrupted repository, and then copy the working repository to
 
-the same location. The delete command will completely remove the corrupt repo
 
-and delete the corresponding cache and security subdirectory in
 
-``~/.config/borg/security``, including the nonce value (if encryption is used).
 
-When the working repo is used later for creating new archives, Borg would
 
-initialize a fresh nonce, which would be bad for security reasons (nonce values
 
-should never be reused). To prevent this, the security subdirectory should be
 
-saved before deleting, and later moved back into place.
 
-
 
-Example:
 
+If your repositories are encrypted and have the same ID, the recommended method
 
+is to delete the corrupted repository, but keep its security info, and then copy
 
+the working repository to the same location:
 
 
 
 ::
 
 ::
 
 
 
-    # Get the repo ID from repo config.
 
-    REPO_ID=$(borg config /path/to/repo-good id)
 
-
 
-    # Rename the repo security dir so Borg won't delete it.
 
-    cd ~/.config/borg/security
 
-    mv $REPO_ID $REPO_ID.backup
 
-
 
-    # Now delete and rename the security dir back.
 
-    borg delete /path/to/repo
 
-    mv $REPO_ID.backup $REPO_ID
 
-
 
-    # Finally copy the good repo to the original place.
 
-    rsync -avH /path/to/repo-good /path/to/repo
 
+    borg delete --keep-security-info /path/to/repo
 
+    rsync -aH /path/to/repo-working/ /path/to/repo  # Note the trailing slash.
 
 
 
+A plain delete command would remove the security info in
 
+``~/.config/borg/security``, including the nonce value. In BorgBackup
 
+:ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the
 
+working repo was used later for creating new archives, Borg would initialize a
 
+fresh nonce, which would be bad for security reasons. To prevent this, the
 
+``keep-security-info`` option is applied so that the nonce counter is kept.
 
 
 
 Can Borg add redundancy to the backup data to deal with hardware malfunction?
 
 Can Borg add redundancy to the backup data to deal with hardware malfunction?
 
 -----------------------------------------------------------------------------
 
 -----------------------------------------------------------------------------

+ 2 - 0
docs/internals/security.rst
View File 

@@ -118,6 +118,8 @@ prompt is a set BORG_PASSPHRASE. See issue :issue:`2169` for details.
 
        manifest this way, while a changed layout would have broken
 
        manifest this way, while a changed layout would have broken
 
        compatibility.
 
        compatibility.
 
 
 
+.. _security_encryption:
 
+
 
 Encryption
 
 Encryption
 
 ----------
 
 ----------