Project

General

Profile

Correction #11162

Feedback on Backup and Recovery — Making Backups in the GUI

Added by Viktor Gurov 3 months ago. Updated about 1 month ago.

Status:
Feedback
Priority:
Normal
Assignee:
Jim Pingle
Category:
Backup / Restore
Target version:
-
Start date:
12/14/2020
Due date:
% Done:

0%

Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/backup/configuration.html
https://docs.netgate.com/pfsense/en/latest/backup/restore.html

Feedback:

Add:
1) note about the possibility of restoring from a pre-2.5 encrypted backup but not vice versa;
2) command line to decrypt the backup manually:

pre-2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md md5`

2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md sha256 -pbkdf2`

see #9421

History

#1 Updated by Jim Pingle about 1 month ago

Unless I'm misreading the intent here, the first note (point 1) is irrelevant. It has never been possible to restore a new config to an older system. Doesn't matter if it's encrypted or not. Thus, it's not necessary to mention that the new encryption method cannot be read by older systems.

Would be OK to note the commands to manually decrypt the configuration, though, so I'll leave this open for that.

#2 Updated by Jim Pingle about 1 month ago

  • Status changed from New to Feedback

#3 Updated by Viktor Gurov about 1 month ago

Jim Pingle wrote:

Unless I'm misreading the intent here, the first note (point 1) is irrelevant. It has never been possible to restore a new config to an older system.

This is what I meant and it's better to note it on the page.

Also available in: Atom PDF