Commit graph

15 commits

Author SHA1 Message Date
TW
5e2da157be
Merge pull request #9769 from ThomasWaldmann/docs-key-subcommands
docs: add docs for "key add", "key list" and "key remove"
2026-06-13 23:47:58 +02:00
Thomas Waldmann
d5cd72b179 docs: add docs for "key add", "key list" and "key remove"
The multi-key feature (#9743) added the "borg key add", "borg key list"
and "borg key remove" subcommands but never wired up their docs:

- scripts/make.py: map key_add/key_list/key_remove to the "key" usage
  group, so build_man can locate their examples (it previously aborted
  with FileNotFoundError: docs/usage/key_add.rst).
- docs/usage/key.rst: include the three new generated snippets so they
  show up on the HTML key page.
- regenerate the affected docs: new key_{add,list,remove}.rst.inc usage
  snippets, new borg-key-{add,list,remove}.1 man pages, and borg-key.1
  (SYNOPSIS + SEE ALSO now reference the new subcommands).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 21:37:21 +02:00
Thomas Waldmann
d2bc45f56d
key: unify keyfile/repokey classes, locate key independent of type byte (#9743)
Borg used to read the manifest's key-type byte and then look for the key in
exactly one place (keyfile or repokey) depending on the key class that byte
selected. As a result every crypto suite was duplicated into a keyfile class
and a repokey class that differed only in TYPE, NAME, ARG_NAME and STORAGE.

Now key *location* is independent of the type byte: detection tries keyfiles
first and repokeys afterwards until a passphrase unlocks a key. The type byte
still selects the crypto suite (id hash, MAC, cipher) to instantiate. Where a
key is stored (keyfile vs repokey) is therefore a per-key property
(self.storage), not a separate class, so a repository may even hold a mix of
keyfile- and repo-stored borg keys.

With storage decoupled from class identity, the keyfile/repokey class pairs
collapse into one class per crypto suite:
- modern AEAD: AESOCBKey, CHPOKey, Blake3AESOCBKey, Blake3CHPOKey
- legacy borg 1.x (read-only): AESCTRKey, Blake2AESCTRKey
There is now exactly one type byte per modern crypto suite (the old separate
repokey type bytes 0x11/0x21/0x31/0x41 were removed; borg2 is beta and only
needs to read repos it created). identify_key() matches on TYPES_ACCEPTABLE.

CLI: --encryption selects only the crypto suite (aes-ocb, chacha20-poly1305,
blake3-aes-ocb, blake3-chacha20-poly1305, authenticated*, none); the storage
location is chosen with the new --key-location=repokey|keyfile (default
repokey). The old combined modes (repokey-aes-ocb etc.) were removed.
borg key import also gained --key-location. borg key change-location no longer
swaps key classes or rewrites the manifest; it just re-saves the unlocked key
at the new location.

Keyfile removal (key remove, change-location) now overwrites the keyfile with
random data via secure_erase() before unlinking, consistent with save().

borg 1.x legacy read compatibility is preserved (the legacy class merge is a
behavior-preserving rename; the legacy type bytes incl. PASSPHRASE stay in
TYPES_ACCEPTABLE).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-12 23:48:45 +02:00
Mrityunjay Raj
02f447536c docs: document platformdirs change and platform-specific directory paths, fixes #7332 2026-02-27 11:50:35 +05:30
Thomas Waldmann
04dfadbbd6
cli: rename r* commands to repo-*
also:
- adapt tests
- adapt BuildMan manpage generation
- adapt help strings / doc strings
- docs
2024-09-08 18:06:24 +02:00
Thomas Waldmann
6211a3dc79
key export: move examples to docs 2024-07-19 19:44:38 +02:00
Thomas Waldmann
54892f711d
key change-passphrase: fix --encryption value in examples
"repokey" (as in borg < 2.0, referring to the AES-CTR mode)
does not exist any more and was superseded by other repokey-*
modes.
2023-01-16 17:58:50 +01:00
Helmut Grohne
e210c6c053 delete left over documentation for borg key change-algorithm 2023-01-13 13:20:49 +01:00
Thomas Waldmann
78230dd299 docs: key: fix keyfile mode in example 2022-08-03 18:46:50 +02:00
Thomas Waldmann
51cf85e627 build_usage / build_man / doc updates 2022-06-25 21:58:19 +02:00
Andrey Andreyevich Bienkowski
08f82ee408
Argon2: documentation and changelog (#6560)
docs: borg key change-algorithm
docs: borg init --key-algorithm
docs: "this is not a borg repo" can be due to argon2 and old borg
2022-04-11 11:21:07 +02:00
Thomas Waldmann
a91dd04d11 docs: usage: add benchmark cpu and key change-location 2022-03-26 23:40:03 +01:00
Matthew Glazar
5a32de918e allow key-import+BORG_KEY_FILE to create key files
Running 'borg key import' on a keyfile repository with the BORG_KEY_FILE
environment variable set works correctly if the BORG_KEY_FILE file
already exists. However, the command crashes if the BORG_KEY_FILE file
does not exist:

    $ BORG_KEY_FILE=newborgkey borg key import /home/strager/borg-backups/straglum borgkey
    Local Exception
    Traceback (most recent call last):
      [snip]
      File "[snip]/borg/crypto/key.py", line 713, in sanity_check
        with open(filename, 'rb') as fd:
    FileNotFoundError: [Errno 2] No such file or directory: '[snip]/newborgkey'

    Platform: Linux straglum 5.0.0-25-generic #26~18.04.1-Ubuntu SMP Thu Aug 1 13:51:02 UTC 2019 x86_64
    Linux: debian buster/sid
    Borg: 1.1.11  Python: CPython 3.7.7 msgpack: 0.5.6
    PID: 15306  CWD: /home/strager/Projects/borg
    sys.argv: ['[snip]/borg', 'key', 'import', '/home/strager/borg-backups/straglum', 'borgkey']
    SSH_ORIGINAL_COMMAND: None

Make 'borg key import' not require the BORG_KEY_FILE file to already
exist.

This commit does not change the behavior of 'borg key import' without
BORG_KEY_FILE. This commit also does not change the behavior of 'borg
key import' on a repokey repository.
2020-06-04 19:29:15 -07:00
Marian Beermann
a1a92bf00f docs: less space waste following "Common options" 2017-06-20 11:53:36 +02:00
Marian Beermann
8fb7db71bc docs: split usage 2017-06-07 00:38:48 +02:00