|TARSNAP-KEYREGEN(1)||General Commands Manual||TARSNAP-KEYREGEN(1)|
tarsnap-keyregengenerates a set of cryptographic keys which are compatible with an existing set of cryptographic keys, registers with the tarsnap server, and writes a key file for use with tarsnap-recrypt(1) and tarsnap(1). The term "compatible" here means that it is possible to re-encrypt archives stored with the first set of keys to be stored with the second set of keys. This is required because Tarsnap has some keys which need to stay the same when re-encrypting data; otherwise, existing archives will become unreadable and cannot be used for deduplication.
key-file option specifies the name of the file in
which to write the newly-generated keys. The
--oldkey old-key-file option
specifies the name of the file containing the old keys. The
--user user-name option
specifies the name (i.e. email address) of the Tarsnap account. The
--machine machine-name option
specifies a name which will be displayed in accounting reports so that you
can see how much data each machine is storing.
--passphrased option is specified,
the user will be prompted to enter a passphrase (twice) to be used to
encrypt the key file.
maxmem option is specified, a maximum of
maxmem bytes of RAM will be used in the scrypt key
derivation function to encrypt the key file; it may be necessary to set this
option if a key file is being generated on a system with far more RAM than
the system on which the key file will be used.
maxtime option is specified, a maximum of
approximately maxtime seconds will be used in the
scrypt key derivation function to encrypt the key file.
--version option prints the version
tarsnap-keyregen, then exits.
|July 28, 2017||Linux 5.10.9-arch1-1|