I just have a short question I’m hoping to get help with. I’m currently testing out Duplicati for my local backups to one of my external hard-drives. I’m using Duplicati for this and it seems to be the solution I’ve been looking for.
So, I want my data to be encrypted and it looks encrypted from what I see. However, when would I have to add my encryption password again? Because as it looks now I could just restore all files without ever adding my encryption password so if someone got access to my PC, they could just launch Duplicati and see all my files.
Whether you need the password in your testing depends on which method you use for restoration.
If you select the restore link from backup-specific part in the web gui, you are not asked the password because the web gui finds it in the local database Duplicati-erver.sqlite.
But if you do the restore via main menu, you will be first asked the target location from which to restore, and down the line also the password, because that method does not know about your local databases.
What do you mean by “access to my PC”? If physical access then they will have access to your files anyway, no need for them to restore from Duplicati. You can mitigate this risk by using full disk encryption and password protecting your user account.
You can protect the Duplicati web interface by password protecting the UI. At a minimum don’t make the UI accessible to other computers - The Duplicati web interface should only listen on localhost. (This is the default configuration.)
If someone steals your PC you can change your credentials on the back end storage that Duplicati uses so that the person who stole your computer cannot do any restores.
As @AimoE mentioned, encryption keys and back end credentials are stored in Duplicati-server.sqlite – protect that file.
Thanks for both answers! Sorry, and yeah, I was more thinking if someone steals my external hard-drive. I only encrypt my files on my external hard-drive since that could be stolen on the train or something like that (it has happened to me once. :(). I don’t expect anyone to have access to my PC, I was more wondering about that other part. So if someone steals my external hard drive I don’t want them to be able to access my files on it!
What does it contain? Duplicati backups? If so, using encryption with Duplicati would make that backup data unreadable to someone who stole just the external drive. The Duplicati software and its sensitive sqlite database are by default stored on the C: drive.
I only encrypt my files on my external hard-drive since that could be stolen on the train or something like that (it has happened to me once. :(). I don’t expect anyone to have access to my PC, I was more wondering about that other part. So if someone steals my external hard drive I don’t want them to be able to access my files on it!