I just saw Backblaze announced encryption at rest support.
It’s not clear to me whether I just need to turn this on I’m the B2 admin UI or whether restic would need to be updated / configured to interact with something like this?
Gabe
1 Like
Based on the documentation, SSE-B2 should be instantly compatible with all B2 clients. SSE-C (customer-managed keys) require client changes to supply the key.
Note that turning on encryption-by-default for an existing bucket does not automatically encrypt all files contained therein.
Keep in mind that encryption isn’t applied to files held in a bucket prior to SSE enablement on that bucket. To encrypt files that were held in a bucket prior to SSE enablement, you’ll need to use the Copy API call to make duplicate files for encryption.
1 Like