From Segfault
Jump to navigation Jump to search


With Backblaze B2 Cloud Storage[1] being available for a few years now, it's finally time to switch from that awful CrashPlan solution to a real one. Several backup clients are available, but only rclone appears to support encrypted B2 backups.

There are some limitations though when file name encryption is enabled:[2]

file names encrypted
file names can’t be as long (~143 characters)
can use sub paths and copy single files
directory structure visible
identical files names will have identical uploaded names
can use shortcuts to shorten the directory recursion

To make sure we will be able to encrypt all our files, we need to find overly long file names:

find /backup -type f | LC_ALL=C awk -F/ 'length($NF) > 100 {print length($NF), $0}' 

Note: without that LC_ALL=C awk would run into:

awk: cmd. line:1: (FILENAME=- FNR=94257) warning: Invalid multibyte data detected. There may be a mismatch between your data and your locale.


Create a local configuration for Backblaze B2[3]

rclone@len$ rclone config
e/n/d/r/c/s/q> n
name>    b2len
Storage> 4                                           # Backblaze B2
account> xxxx
key>     xxxxxxxxxxxx
y/e/d>   y
rclone@len$ rclone listremotes

Create a remote bucket (with a unique name):

rclone mkdir b2len:backup-$(openssl rand -base64 32 | sha1sum | cut -c-6)
rclone lsd b2len:
         -1 2018-05-10 23:35:30        -1 backup-43e331
         -1 2018-05-10 23:35:30        -1 foobarbaz

Create a new configuration to encrypt[4] that bucket:

rclone@len$ rclone config
e/n/d/r/c/s/q> n
name> b2secret
Storage> 8                                           # Crypt
remote> b2len:backup-43e331
filename_encryption> 2
directory_name_encryption> 1
y/n> y
type = crypt
remote = b2len:backup-43e331
filename_encryption = standard
directory_name_encryption = true
password = *** ENCRYPTED ***
password2 = *** ENCRYPTED ***

rclone@len$ rclone listremotes




rsnapshot Perl incremental archives via rsync and hardlinks
duplicity Python GPG-encrypted tar-format volumes, incremental archives via librsync
bup Python, C git packfile format, incremental archives, deduplication
Attic Python deduplicating, encrypted archives
burp C deduplicating, incremental archives via librsync
borgbackup C deduplicating, incremental (?), compressed archives, authenticated encryption
Tarsnap C deduplicating, incremental, compressed archives, authenticated encryption
restic Go incremental, encrypted archives
duplicati C# incremental, encrypted, compressed backups