The question fits neatly into the title
I’m on Linux Mint, and have the Duplicati server running via systemd. I assume that means the database where my “sensitive” information is saved is only accessible to root (or sudoers, of course)?
The question fits neatly into the title
I’m on Linux Mint, and have the Duplicati server running via systemd. I assume that means the database where my “sensitive” information is saved is only accessible to root (or sudoers, of course)?
As far as I know you are correct - when run as root
databases will be in /root/.config/Duplicati
(unless otherwise specified by parameters) so should be as secure as that folder is.
Passphrase and backend credentials can be retrieved easily by logging in to the Web UI, no matter where and how the local DB is stored.
To protect this information, don’t use the --webservice-interface=any
to start the server and protect the Web UI with a password.