Repository password encryption


#1

Rclone has obscure password option which can mask the real password when added to scripts for automation.

Can the same be added to restic.


#2

I’m not convinced that this helps. It’s an instance of security through obscurity and only gives you a false sense of security in my option and increases complexity.


#3

Agree

The best would be public private key security :grinning:


#4

Hi @saviodsouza please also see this issue on GitHub https://github.com/restic/restic/issues/187

So, in conclusion, to defend best against attackers taking over a server that uses restic for backups, I think we would need to implement both (non-dumb storage and asymmetric crypto). That’s a long-term goal :slight_smile: