From: Kern Sibbald <kern@sibbald.com>
Date: Sat, 12 May 2007 06:46:30 +0000 (+0000)
Subject: Update
X-Git-Tag: Release-2.2.0~524
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=3dd5f9dd9db1aeef0f046d005564238e7ccaade9;p=bacula%2Fdocs

Update
---

diff --git a/docs/manual/dataencryption.tex b/docs/manual/dataencryption.tex
index d181015c..34b050fe 100644
--- a/docs/manual/dataencryption.tex
+++ b/docs/manual/dataencryption.tex
@@ -111,6 +111,31 @@ directly was not possible, as at the time of coding a free software
 streaming DER decoder/encoder was not available.
 
 
+\section{Decrypting with a Master Key}
+\index[general]{Decrypting with a Master Key}
+
+It is preferable to retain a secure, non-encrypted copy of the  
+client's own encryption keypair. However, should you lose the  
+client's keypair, recovery with the master keypair is possible.
+
+You must:
+\begin{itemize}
+\item  Concatenate the master private and public key into a single  
+   keypair file, ie:
+   cat master.key master.cert >master.keypair
+
+\item 2) Set the PKI Keypair statement in your bacula configuration file:
+
+\begin{verbatim}
+   PKI Keypair = master.keypair
+\end{verbatim}
+
+\item Start the restore. The master keypair will be used to decrypt
+     the file data.
+ 
+\end{itemize}
+
+
 \section{Generating Private/Public Encryption Keys}
 \index[general]{Generating Private/Public Encryption Keypairs}
 
@@ -151,7 +176,6 @@ certificate encoding that contains only a single public key.
 \index[general]{Example!Data Encryption Configuration File}
 \index[general]{Example Data Encryption Configuration}
 
-    
 {\bf bacula-fd.conf}
 \footnotesize
 \begin{verbatim}
diff --git a/docs/manual/version.tex b/docs/manual/version.tex
index 2731cf8a..11f15e5d 100644
--- a/docs/manual/version.tex
+++ b/docs/manual/version.tex
@@ -1 +1 @@
-2.1.8 (08 May 2007)
+2.1.8 (09 May 2007)