Restic key store


coming from borgbackup there is a question I couldn’t find a full answer for anywhere regarding how restic stores its key-files.

In borgbackup, keys are stored locally on the machine you’re backing up, except you’re using “repokey” to store the key in the repository.

A keyfile stored on the server that’s backed up, is quite bad for me because I need to be able to do a complete disaster recovery of that machine. So when I need the backup, the key file on the backed-up machine is lost, rendering the backup useless.

I found a discussion here about storing the key in the repository. So am I correct, that restic by default stores the key file in the repo and not on the machine that is backed-up so one will be able to restore the remote repository on completely new hardware for disaster recovering, as long as I know the password?

Thank you! :slight_smile:

Yes, this is correct. The key is stored in the keys directory in the repo, and as long as you know the password you can use it to restore everything.