Hi,
is an unencrypted connection to a remote (S3) repository unsafe?
Does restic first pull the whole encrypted metadata onto the server and before decrypt it (if cache is disabled)?
Thanks in advanced
restic encrypts/decrypts all data in the client - the server (and everything in between) only sees encrypted data. Using an unencrypted connection exposes your login credentials but not the backup itself.
2 Likes