|TARSNAP-RECRYPT(1)||General Commands Manual||TARSNAP-RECRYPT(1)|
re-encrypts data stored using
tarsnap-recrypt downloads and decrypts
data using old-key-file and re-encrypts and uploads it
using new-key-file. After all the data has been
tarsnap-recrypt deletes the data using
old-key-file so that the only remaining copy of the
data is encrypted using new-key-file. The key file
new-key-file must have been generated by
tarsnap-recrypt checkpoints its progress
after every 1-2 GB of data that it has copied; if it is interrupted it can
be re-run and it will attempt to continue.
Note that after
it will be possible to store more archives using the key
old-key-file and the cache directory
old-cache-dir so care should be taken to disable any
automatic (e.g., cron(8)) archiving
tarsnap-recrypt is run.
--version option prints the version
tarsnap-recrypt, then exits.
The following sequence of commands will create new keys and re-encrypt data, assuming that the currently used keys are in /root/tarsnap.key and the current cache directory is /usr/local/tarsnap-cache:
|February 10, 2022||Linux 6.6.2-arch1-1|