Adding Encryption To A Remote After The Fact
-
Did a little digging and I don't think I've seen anything about this on the forum before so wanted to post.
Does anyone know how Xen Orchestra behaves if you add an encryption key to a remote after said remote has already been used for unencrypted backups?
I'm planning to start encrypting everything I upload in the near future, if it's as simple as adding a key that's great, but I am guessing it's better to create a new remote (and new bucket) and then just restart all the backups with the new remote?
Or should I re-create the backup jobs entirely?
-
Question for @florent
-
@planedrop you can't change the remote encryption if the remote is not empty
in the future we intend to be able to use rolling encryption ( that is encrypting the new block/file with the new key ) to permit an easier upgrade and key rotation
-
@florent OK gotcha, I figured this was the case.
So best option would be to create a new backup job, encrypt that to a new remote, then go back and delete all the old stuff when ready?
-
@planedrop yes
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login