Tarsnap change key file with tarsnap-keyregen and tarsnap-recrypt

Want to change the tarsnap.key file?

Check out this manual: https://www.acunote.com/blog/2012/02/tarsnap-key-rotation-with-tarsnap-recrypt-and-tarsnap-keyregen.html

Especially this part of code is useful:

# create new key
tarsnap-keyregen --keyfile ~/tarsnap/keys/server.new.key \
                 --oldkey ~/tarsnap/keys/server.old.key \
                 --user me@example.com --machine server

# run recrypt.  This can take a long time (days), and final delete
# transaction will fail because of server cron jobs that will happen
# in the meantime
tarsnap-recrypt --oldkey ~/tarsnap/keys/server.old.key \
                --oldcachedir ~/tarsnap/cache/server.old \
                --newkey ~/tarsnap/keys/server.new.key \
                --newcachedir ~/tarsnap/cache/server.new

You can find the location of your tarsnap key file and cache folder with:

find / -name tarsnap.key
find / -name tarsnap-cache

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top