Update

diff --git a/docs/manual/dataencryption.tex b/docs/manual/dataencryption.tex
index d181015ce93225d3d62fa5c73173ab9bc9426eeb..34b050fec3aa409d82396ea05d0d744a3c62db41 100644 (file)
--- a/docs/manual/dataencryption.tex
+++ b/docs/manual/dataencryption.tex
@@ -111,6 +111,31 @@ directly was not possible, as at the time of coding a free software
 streaming DER decoder/encoder was not available.
 
 
+\section{Decrypting with a Master Key}
+\index[general]{Decrypting with a Master Key}
+
+It is preferable to retain a secure, non-encrypted copy of the  
+client's own encryption keypair. However, should you lose the  
+client's keypair, recovery with the master keypair is possible.
+
+You must:
+\begin{itemize}
+\item  Concatenate the master private and public key into a single  
+   keypair file, ie:
+   cat master.key master.cert >master.keypair
+
+\item 2) Set the PKI Keypair statement in your bacula configuration file:
+
+\begin{verbatim}
+   PKI Keypair = master.keypair
+\end{verbatim}
+
+\item Start the restore. The master keypair will be used to decrypt
+     the file data.
+ 
+\end{itemize}
+
+
 \section{Generating Private/Public Encryption Keys}
 \index[general]{Generating Private/Public Encryption Keypairs}
 
@@ -151,7 +176,6 @@ certificate encoding that contains only a single public key.
 \index[general]{Example!Data Encryption Configuration File}
 \index[general]{Example Data Encryption Configuration}
 
-    
 {\bf bacula-fd.conf}
 \footnotesize
 \begin{verbatim}

diff --git a/docs/manual/version.tex b/docs/manual/version.tex
index 2731cf8ab28d5abb6c6bf2902baa92d028468529..11f15e5d3ab464dea8c91a63a8a6a183e686f09a 100644 (file)
--- a/docs/manual/version.tex
+++ b/docs/manual/version.tex
@@ -1 +1 @@
-2.1.8 (08 May 2007)
+2.1.8 (09 May 2007)