From: Kern Sibbald Date: Sat, 12 May 2007 06:46:30 +0000 (+0000) Subject: Update X-Git-Tag: Release-2.2.0~524 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=3dd5f9dd9db1aeef0f046d005564238e7ccaade9;p=bacula%2Fdocs Update --- diff --git a/docs/manual/dataencryption.tex b/docs/manual/dataencryption.tex index d181015c..34b050fe 100644 --- a/docs/manual/dataencryption.tex +++ b/docs/manual/dataencryption.tex @@ -111,6 +111,31 @@ directly was not possible, as at the time of coding a free software streaming DER decoder/encoder was not available. +\section{Decrypting with a Master Key} +\index[general]{Decrypting with a Master Key} + +It is preferable to retain a secure, non-encrypted copy of the +client's own encryption keypair. However, should you lose the +client's keypair, recovery with the master keypair is possible. + +You must: +\begin{itemize} +\item Concatenate the master private and public key into a single + keypair file, ie: + cat master.key master.cert >master.keypair + +\item 2) Set the PKI Keypair statement in your bacula configuration file: + +\begin{verbatim} + PKI Keypair = master.keypair +\end{verbatim} + +\item Start the restore. The master keypair will be used to decrypt + the file data. + +\end{itemize} + + \section{Generating Private/Public Encryption Keys} \index[general]{Generating Private/Public Encryption Keypairs} @@ -151,7 +176,6 @@ certificate encoding that contains only a single public key. \index[general]{Example!Data Encryption Configuration File} \index[general]{Example Data Encryption Configuration} - {\bf bacula-fd.conf} \footnotesize \begin{verbatim} diff --git a/docs/manual/version.tex b/docs/manual/version.tex index 2731cf8a..11f15e5d 100644 --- a/docs/manual/version.tex +++ b/docs/manual/version.tex @@ -1 +1 @@ -2.1.8 (08 May 2007) +2.1.8 (09 May 2007)