how to verify repo auth/encryption config?

[laur89]

I'm operating with repos that were created some decade ago. How to verify what config I initiated them with, e.g. are they encrypted or merely authenticated?

[ThomasWaldmann]

You could look into repo_directory/:

• check the README - does it say this is from borg?
• when was the repo last updated? that gives some rough hint about the maximum borg version that might have been used for the backups.
• look into the config file. is there a crypto key blob?
  • yes: repokey mode, at least authenticated, maybe encrypted.
  • no: could be keyfile mode if encrypted or authenticated. or it is neither authenticated nor encrypted (some ancient versions had a crypto mode that derived the AES key directly and only from the passphrase).
• for encrypted modes, you will need the passphrase. also you will usually need the borg key (it can be either in the repo config (repokey mode) or in the user's home directory (keyfile mode).
• you can also peek into the binary segment files in data/XXX - if you only see random noise mostly, it is encrypted.

Then have a look into our changelog for compatibility and upgrade notes.

Also check the github releases page, where you can find "fat binary" releases for many borg versions (they include everything needed, you only need to care for glibc compatibility on linux).

If you have a matching and working borg binary, you can use borg info -v REPO to get more information about the repo.

2016-03-05 was the release date of borg 1.0.0 (which was a major release with some incompatible changes), see: https://github.com/borgbackup/borg/blob/1.0.0/docs/changes.rst

[laur89]

Okay, given there's a key in config file and data/* files contain nonsense, I guess it's reasonable to assume I'm using repokey. Thanks!