[Borgbackup] Prune encrypted repository without the key

Philippe MILINK philippe.milink at gmx.fr
Sun Mar 13 14:14:58 EDT 2022


Hello,

Is it possible to prune an encrypted repository without having its key
(and/or passphrase: the credentials)?

Here is my configuration:

- a server A backs up its data with borg to servers owned by third-party
members. To prevent third-party members from reading the data in the backup,
the borg repository is encrypted (borg init -e repokey) and members do
not know the passphrase.

- servers of third-party members are configured as described in the
documentation
(https://borgbackup.readthedocs.io/en/stable/deployment/hosting-repositories.html),
with the --append-only option added to borg serve (thus if an attacker
has access to server A, he cannot delete backups).

However, I would like to leave the "storage policy" to the third-party
members: if a member has only a little storage space, he will only keep the
backups of the last 7 days; if a member has a lot of storage space, he can
keep the last two months of backups. This supposes letting the
third-party members run the borg prune command from their servers, on
the repository which is encrypted.

I just discovered this isn't possible, because borg prune asks for the
passphrase... (and it makes sense: to prevent malicious removal by
the repository host...) I cannot run the borg prune commands from
server A, because of the --append-only option.

Is there a way to do this?

Thanks,

Philippe.