Correction #11162: Feedback on Backup and Recovery — Making Backups in the GUI - pfSense Docs - pfSense bugtracker

Actions

Copy link

Correction #11162

closed

Feedback on Backup and Recovery — Making Backups in the GUI

Added by Viktor Gurov almost 4 years ago. Updated about 3 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

Backup / Restore

Target version:

Start date:

12/14/2020

Due date:

% Done:

100%

Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/backup/configuration.html
https://docs.netgate.com/pfsense/en/latest/backup/restore.html

Feedback:

Add:
1) note about the possibility of restoring from a pre-2.5 encrypted backup but not vice versa;
2) command line to decrypt the backup manually:

pre-2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md md5`

2.5: `grep -v "config.xml" config-encrypted.xml | base64 -d | openssl enc -d -aes-256-cbc -out dencryptedfile.xml -pass pass:<PASSWORD> -salt -md sha256 -pbkdf2`

see #9421

Actions

Copy link

Updated by Jim Pingle almost 4 years ago

Unless I'm misreading the intent here, the first note (point 1) is irrelevant. It has never been possible to restore a new config to an older system. Doesn't matter if it's encrypted or not. Thus, it's not necessary to mention that the new encryption method cannot be read by older systems.

Would be OK to note the commands to manually decrypt the configuration, though, so I'll leave this open for that.

Actions

Copy link