X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=pve-storage-pbs.adoc;h=1006a64099e87cd3605663e693d519129371d275;hb=fd95afe2f590b39e99e8c67af0af674bb1323b30;hp=1bb0721f74f62a76055474f12956cc9bce46e0d9;hpb=1658c673519fea697132d9a24c42a5a3a4667586;p=pve-docs.git diff --git a/pve-storage-pbs.adoc b/pve-storage-pbs.adoc index 1bb0721..1006a64 100644 --- a/pve-storage-pbs.adoc +++ b/pve-storage-pbs.adoc @@ -11,7 +11,7 @@ Storage pool type: `pbs` This backend allows direct integration of a Proxmox Backup Server into {pve} like any other storage. A Proxmox Backup storage can be added directly through the {pve} API, CLI or -the webinterface. +the web interface. Configuration ~~~~~~~~~~~~~ @@ -57,6 +57,13 @@ restricted to the root user. Use the magic value `autogen` to automatically generate a new one using `proxmox-backup-client key create --kdf none `. Optional. +master-pubkey:: + +A public RSA key used to encrypt the backup encryption key as part of the +backup task. The encrypted copy will be appended to the backup and stored on +the Proxmox Backup Server instance for recovery purposes. +Optional, requires `encryption-key`. + .Configuration Example (`/etc/pve/storage.cfg`) ---- pbs: backup @@ -64,7 +71,7 @@ pbs: backup server enya.proxmox.com content backup fingerprint 09:54:ef:..snip..:88:af:47:fe:4c:3b:cf:8b:26:88:0b:4e:3c:b2 - maxfiles 0 + prune-backups keep-all=1 username archiver@pbs ---- @@ -75,7 +82,7 @@ Proxmox Backup Server only supports backups, they can be block-level or file-level based. {pve} uses block-level for virtual machines and file-level for container. -.Storage features for backend `cifs` +.Storage features for backend `pbs` [width="100%",cols="m,4*d",options="header"] |=============================================================== |Content types |Image formats |Shared |Snapshots |Clones @@ -86,6 +93,8 @@ container. Encryption ~~~~~~~~~~ +[thumbnail="screenshot/storage-pbs-encryption-with-key.png"] + Optionally, you can configure client-side encryption with AES-256 in GCM mode. Encryption can be configured either via the web interface, or on the CLI with the `encryption-key` option (see above). The key will be saved in the file @@ -99,21 +108,33 @@ a key on that system. If the system then becomes inaccessible for any reason and needs to be restored, this will not be possible as the encryption key will be lost along with the broken system. -It is recommended that you keep your keys safe, but easily accessible, in +It is recommended that you keep your key safe, but easily accessible, in order for quick disaster recovery. For this reason, the best place to store it is in your password manager, where it is immediately recoverable. As a backup to this, you should also save the key to a USB drive and store that in a secure place. This way, it is detached from any system, but is still easy to recover from, in case of emergency. Finally, in preparation for the worst case scenario, -you should also consider keeping a paper copy of your master key locked away in -a safe place. The `paperkey` subcommand can be used to create a QR encoded -version of your master key. The following command sends the output of the -`paperkey` command to a text file, for easy printing. +you should also consider keeping a paper copy of your key locked away in a safe +place. The `paperkey` subcommand can be used to create a QR encoded version of +your key. The following command sends the output of the `paperkey` command to +a text file, for easy printing. ---- -# proxmox-backup-client key paperkey --output-format text > qrkey.txt +# proxmox-backup-client key paperkey /etc/pve/priv/storage/.enc --output-format text > qrkey.txt ---- +Additionally, it is possible to use a single RSA master key pair for key +recovery purposes: configure all clients doing encrypted backups to use a +single public master key, and all subsequent encrypted backups will contain a +RSA-encrypted copy of the used AES encryption key. The corresponding private +master key allows recovering the AES key and decrypting the backup even if the +client system is no longer available. + +WARNING: The same safe-keeping rules apply to the master key pair as to the +regular encryption keys. Without a copy of the private key recovery is not +possible! The `paperkey` command supports generating paper copies of private +master keys for storage in a safe, physical location. + Because the encryption is managed on the client side, you can use the same datastore on the server for unencrypted backups and encrypted backups, even if they are encrypted with different keys. However, deduplication between @@ -124,8 +145,8 @@ NOTE: Do not use encryption if there is no benefit from it, for example, when you are running the server locally in a trusted network. It is always easier to recover from unencrypted backups. -Examples -~~~~~~~~ +Example: Add Storage over CLI +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ // TODO: FIXME: add once available //You can get a list of exported CIFS shares with: