diff --git a/docs/faq.rst b/docs/faq.rst index 7624bcf3b..44f78c99b 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -202,9 +202,10 @@ the working repository to the same location: A plain delete command would remove the security info in ``~/.config/borg/security``, including the nonce value. In BorgBackup :ref:`security_encryption` is AES-CTR, where the nonce is a counter. When the -working repo was used later for creating new archives, Borg would initialize a -fresh nonce, which would be bad for security reasons. To prevent this, the -``keep-security-info`` option is applied so that the nonce counter is kept. +working repo was used later for creating new archives, Borg would re-use nonce +values due to starting from a lower counter value given by the older copy of the +repository. To prevent this, the ``keep-security-info`` option is applied so +that the client-side nonce counter is kept. Can Borg add redundancy to the backup data to deal with hardware malfunction? ----------------------------------------------------------------------------- diff --git a/src/borg/archiver.py b/src/borg/archiver.py index 6b2d61590..9f1b22a57 100644 --- a/src/borg/archiver.py +++ b/src/borg/archiver.py @@ -1212,10 +1212,7 @@ class Archiver: SecurityManager.destroy(repository) else: logger.info("Would delete repository.") - if keep_security_info: - logger.info("Would keep security info.") - else: - logger.info("Would delete security info.") + logger.info("Would %s security info." % ("keep" if keep_security_info else "delete")) if not dry_run: Cache.destroy(repository) logger.info("Cache deleted.") @@ -3359,7 +3356,7 @@ class Archiver: you run ``borg compact``. When you delete a complete repository, the security info and local cache for it - (if any) is also deleted. Alternatively, you can delete just the local cache + (if any) are also deleted. Alternatively, you can delete just the local cache with the ``--cache-only`` option, or keep the security info with the ``--keep-security-info`` option.