Is Restic with an Rclone Encrypted remote a good idea?

I am talking about protecting against restic zero days flaws in the encryption. Should I do this, or is this a bad practise? I already tried this, and it seems to work, but I am not an expert on this.

My plan is to backup on the cloud, but I do not want anyone using my data. Please note that these data are not anything that is interesting; just a bunch of family photos and word docs. So I highly doubt that any sophisticated actor is after my files.

Using it like this adds a layer of complexity, and I am not really sure if I can recover if something goes wrong somewhere.

Also, is this usually done or am I needlessly complicating things?

Thanks for the cool software.


I suspect you might be overthinking things. Restic’s crypto has been reviewed by people who are pretty “with it” when it comes to Crypto and has been given a pass, so I think you can rely on it.


That xkcd cartoon is my favorite.

So there is no need for me to overcomplicate this. Thanks.

Also, how far can I go with restic encryption?

I know that as a general rule I should never send out data that I do not want others to find regardless of encryption. But hypothetically, if I use restic encryption, can I keep the data with cloud providers and remote sites that I cannot fully trust?

Thanks again.

That is the whole purpose of the encryption.

You only need to trust them to not throw away your data. Availability, in other words.

1 Like

Thanks.I am setting up my backups with restic instead of just keeping copies everywhere, and I am uploading them to a few cloud providers. This forum is really helpful in getting the commands right.

Just one more thing. I am using restic with rclone over a VPN (I can’t access the cloud provider otherwise). Is that a problem? If I read things right, restic does everything on my computer (client-side encryption) and therefore it shouldn’t matter if I use a VPN(trustworthy or otherwise) to upload the files, right?. Thanks again.

No, it is not.

1 Like

Thanks again.

Same question:

1 Like