I am talking about protecting against restic zero days flaws in the encryption. Should I do this, or is this a bad practise? I already tried this, and it seems to work, but I am not an expert on this.
My plan is to backup on the cloud, but I do not want anyone using my data. Please note that these data are not anything that is interesting; just a bunch of family photos and word docs. So I highly doubt that any sophisticated actor is after my files.
Using it like this adds a layer of complexity, and I am not really sure if I can recover if something goes wrong somewhere.
Also, is this usually done or am I needlessly complicating things?
I suspect you might be overthinking things. Restic’s crypto has been reviewed by people who are pretty “with it” when it comes to Crypto and has been given a pass, so I think you can rely on it.
So there is no need for me to overcomplicate this. Thanks.
Also, how far can I go with restic encryption?
I know that as a general rule I should never send out data that I do not want others to find regardless of encryption. But hypothetically, if I use restic encryption, can I keep the data with cloud providers and remote sites that I cannot fully trust?
Thanks.I am setting up my backups with restic instead of just keeping copies everywhere, and I am uploading them to a few cloud providers. This forum is really helpful in getting the commands right.
Just one more thing. I am using restic with rclone over a VPN (I can’t access the cloud provider otherwise). Is that a problem? If I read things right, restic does everything on my computer (client-side encryption) and therefore it shouldn’t matter if I use a VPN(trustworthy or otherwise) to upload the files, right?. Thanks again.
