Correction #11162
Feedback on Backup and Recovery — Making Backups in the GUI
100%
Description
Page: https://docs.netgate.com/pfsense/en/latest/backup/configuration.html
https://docs.netgate.com/pfsense/en/latest/backup/restore.html
Feedback:
Add:
1) note about the possibility of restoring from a pre-2.5 encrypted backup but not vice versa;
2) command line to decrypt the backup manually:
pre-2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md md5`
2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md sha256 -pbkdf2`
see #9421
History
#1
Updated by Jim Pingle 4 months ago
Updated by Unless I'm misreading the intent here, the first note (point 1) is irrelevant. It has never been possible to restore a new config to an older system. Doesn't matter if it's encrypted or not. Thus, it's not necessary to mention that the new encryption method cannot be read by older systems.
Would be OK to note the commands to manually decrypt the configuration, though, so I'll leave this open for that.
#2
Updated by Jim Pingle 4 months ago
- Status changed from New to Feedback
Added section on encrypted backups with the commands:
https://docs.netgate.com/pfsense/en/latest/backup/restore.html#encrypted-configuration-files
#3
Updated by Viktor Gurov 4 months ago
Updated by Jim Pingle wrote:
Unless I'm misreading the intent here, the first note (point 1) is irrelevant. It has never been possible to restore a new config to an older system.
This is what I meant and it's better to note it on the page.
#4
Updated by Jim Pingle 2 months ago
- % Done changed from 0 to 100
I added a section on backup compatibility with explains in more detail about what can/cannot be restored between versions and so on.
https://docs.netgate.com/pfsense/en/latest/backup/restore.html#backup-compatibility