Scroll to navigation

BORG-KEY-CHANGE-PASSPHRASE(1) borg backup tool BORG-KEY-CHANGE-PASSPHRASE(1)

NAME

borg-key-change-passphrase - Change repository key file passphrase

SYNOPSIS

borg [common options] key change-passphrase [options] [REPOSITORY]

DESCRIPTION

The key files used for repository encryption are optionally passphrase protected. This command can be used to change this passphrase.

Please note that this command only changes the passphrase, but not any secret protected by it (like e.g. encryption/MAC keys or chunker seed). Thus, changing the passphrase after passphrase and borg key got compromised does not protect future (nor past) backups to the same repository.

OPTIONS

See borg-common(1) for common options of Borg commands.

arguments

REPOSITORY

EXAMPLES

# Create a key file protected repository
$ borg init --encryption=keyfile -v /path/to/repo
Initializing repository at "/path/to/repo"
Enter new passphrase:
Enter same passphrase again:
Remember your passphrase. Your data will be inaccessible without it.
Key in "/root/.config/borg/keys/mnt_backup" created.
Keep this key safe. Your data will be inaccessible without it.
Synchronizing chunks cache...
Archives: 0, w/ cached Idx: 0, w/ outdated Idx: 0, w/o cached Idx: 0.
Done.
# Change key file passphrase
$ borg key change-passphrase -v /path/to/repo
Enter passphrase for key /root/.config/borg/keys/mnt_backup:
Enter new passphrase:
Enter same passphrase again:
Remember your passphrase. Your data will be inaccessible without it.
Key updated
# Import a previously-exported key into the specified
# key file (creating or overwriting the output key)
# (keyfile repositories only)
$ BORG_KEY_FILE=/path/to/output-key borg key import /path/to/repo /path/to/exported


Fully automated using environment variables:

$ BORG_NEW_PASSPHRASE=old borg init -e=repokey repo
# now "old" is the current passphrase.
$ BORG_PASSPHRASE=old BORG_NEW_PASSPHRASE=new borg key change-passphrase repo
# now "new" is the current passphrase.


SEE ALSO

borg-common(1)

AUTHOR

The Borg Collective

2022-08-20