Hi there, professionally i work almost daily with Commvault and the one thing that i really like is the ability to download a restore selection instead of actually restoring it. That means wherever you are, you can always get to your files when you can access Duplicati.
Is this option anywhere on the roadmap/horizon ?
Hi @Patrick_Bergervoet, welcome to the forum 
I have not used Commvault, so I doât really see what you mean. Duplicati supports restoring to a different location, so you can restore to somewhere convenient to you (like the download folder).
How is the ability to âdownloadâ different from this? Is it that you download from the browser directly?
If so, Duplicati would need to restore to a temporary folder, then zip the results and send them from the browser. Unless you are doing something remotely, it seem that the process is less efficient (but perhaps more convenient).
Can you elaborate on how it would work better for you?
Weâll hear, but my guess was it was something like:
Downloading Files and Folders Using the Web Console for Windows Archiving
which has come up before and is often seen on integrated backup and storage.
It could be convenient when away, as an alternative to remoting to live system.
Duplicatiâs historical model has been bring-your-own-storage for the local client.
Thereâs now Duplicati Console, but I assume client/agent doesnât share enough.
One could Direct restore from backup files from any Duplicati install, but itâs slow
compared to the Duplicati install on the source system which has local database.
For security-minded people, having a web site be able to get files can be a worry.
I see. I think this makes sense for Commvault where you are using a different machine.
But for Duplicati, you are already on the machine, so you can just restore to a local folder and grab the data.
In any case, I have registered an issue for this feature.
It actually connects to the machine (in a secure manner), so it could be possible to restore like this from the browser.
I agree. I have added a note on that in the issue.
This assumption may fly in the face of the âwherever you areâ need from original post.
Iâd like @Patrick_Bergervoet to say, but Iâm guessing this is away-from-machine case.
Itâs not just someone on the machine who for some reason prefers browser download.
If youâre talking about Duplicati Console, great (except for having to leave machine up).
The âdoesnât share enoughâ refers to Duplicati Console not having all the database info.
In theory it could run Direct restore if it had the config, but it would probably be too slow.
I might be misunderstanding âyou are already on the machineâ. If that meant Console to agent which is on the machine, assuming itâs up, thatâs different from personal presence.
Yes, correct, I missed that part. Could also be users who proxy the service.
That is the only way we can ensure that data never leaves your control. You can access your machine and control Duplicati, but never transmit anything that could be intercepted or stored along the way.
The database information contains credentials that never enter the Duplicati console, so the console cannot restore anything. To do a restore, the console would need to obtain the credentials to the remote store and the passphrase, and somehow access the data (hard if it is a non-public server).
Hi there, i have indeed proxied duplicati with 2fa. From time2time i find myself in a situation where i say to myself, âwell wouldnât it be convenient to be able to download a selective restore instead of restoring it and then rdp into the server to collect the restored filesâ It is by no means a dealbreaker but it would seem to me a simple function to adapt into Duplicati
Can you clarify what functions you mean? The Commvault setup seems hardly simple, although many managed backups have a similar one. Duplicatiâs approach is different.
From where? Any web browser? Can source system be down then? When backups are highly server-centric (managed backup), this is more possible. Duplicati is client-centric, where client knows the encryption password, has the database, and uses dumb storage.
Depending on what you have in mind, and how much it breaks Duplicatiâs security goals, feature might be impossible rather than simple. Look at end of above post. If backup is to non-public server inside a home or business, Duplicati web console canât get there when source system is down, even ignoring the other pains like no database and no password.
I suppose this case is assuming the Duplicati system is running, so not quite the full-on access-anywhere-regardless-of-system-state. Are you talking about Duplicati Console?
Are you specifically trying to get old files from a backup? Canât RDP grab current ones?
Sometimes one might want a current file, not have RDP, but a backup provider might be able to conveniently provide a current-enough copy for someone with only web browser.
Sometimes people also want such files going to their phone, basically as a convenience.
has some points that have already been made on the security goals and backup storage.
These choices are the foundation from which the rest of Duplicati is built. With the use of client-side encryption, Duplicati can be classified as a Trust-no-one / Zero-Trust system, where the possesion of the encryption key decides who has access to the data.
To ensure that Duplicati can work with different storage destinations, such as S3 and a network share, any interaction with the storage destination is limited to 4 commands: GET, PUT, LIST, and DELETE. Any storage system that supports these 4 commands can work with Duplicati.
For an example of a backup service with bundled storage and optional user passphrase:
Restoring When You Set a Passphrase
where they work to reassure you that your typing a passphrase to their site is safe to do, however itâs still less safe than keeping the secret passphrase secret instead of typing it.
is a bit vague, but maybe it means Duplicati Console doesnât want to see your file either.
Sometimes there are technical solutions to keep the web site from seeing actual content. MEGA decrypts in your local browser, but I donât know if Duplicati could add such a thing.
Yes, I should perhaps have extended it with:
never transmit anything that could be intercepted or stored along the way by Duplicatiâs infrastructure.
Infrastructure risk might be avoidable with an additional encryption step on the restored files. The details would have to be designed, but a goal would be to encrypt in a way that only browser initiating the request can decrypt. Basically, itâs what might be called end-to-end-encryption, with one end being a Duplicati agent or server, and the other end being a browser asking for files.
Asymmetric encryption can be slower, but hybrid schemes might be possible, e.g. TLS is eventually symmetric encryption, but has an initial step where that key gets negotiated by technique protected from intercepts in the middle. Thereâs Diffie-Hellman. Might be others.
Regardless, it seems like a lot of work, so it would be good to see how big the demand is. Infrastructure load would also be an issue, but presigned URLs might at least offload that.