-
- Veteran
- Posts: 338
- Liked: 35 times
- Joined: Jan 20, 2012 2:36 pm
- Full Name: Christensen Farms
- Contact:
How Encryption Works
I am looking to use the new encryption feature in v8. If I set encryption on a job, then the job runs for some time, in a few weeks if I go to do a restore of a file or the whole VM will I need to provide the encryption key? Or is that only if I have a new instance of VEEAM that I'd have to provide the key?
If I restore VM files from tape will I need to provide the key if I'm using the instance of VEEAM where I setup the encryption key?
I'm just curious when I would need to provide the key.
If I restore VM files from tape will I need to provide the key if I'm using the instance of VEEAM where I setup the encryption key?
I'm just curious when I would need to provide the key.
-
- Veeam Software
- Posts: 649
- Liked: 170 times
- Joined: Dec 10, 2012 8:44 am
- Full Name: Nikita Efes
- Contact:
Re: How Encryption Works
To get all the details about how the encryption works, you can read corresponding help topic.
Short answer to your question is the following: you don't need to enter password on the console, that made a backup, if it was not deleted from that console.
If you import existing backup into other console, or re-import into the same - password is required.
Short answer to your question is the following: you don't need to enter password on the console, that made a backup, if it was not deleted from that console.
If you import existing backup into other console, or re-import into the same - password is required.
-
- Veteran
- Posts: 338
- Liked: 35 times
- Joined: Jan 20, 2012 2:36 pm
- Full Name: Christensen Farms
- Contact:
Re: How Encryption Works
So if I have Enterprise Plus, and I have Enterprise Manager setup, keys are "automatically" created there when I create an encrypted backup?
Also, the best practices suggests that you change this key often. Won't that cause issues with backups made with previous keys? I assume at that point you need to keep track of what backups use what key?
Also, the best practices suggests that you change this key often. Won't that cause issues with backups made with previous keys? I assume at that point you need to keep track of what backups use what key?
-
- Veteran
- Posts: 7328
- Liked: 781 times
- Joined: May 21, 2014 11:03 am
- Full Name: Nikita Shestakov
- Location: Prague
- Contact:
Re: How Encryption Works
Not issues but additional steps.
For instance, say you have backup job with increments and the password has changed once or several times.
So when you are importing a backup file, you will need to specify the whole set of passwords that were used for the files encryption in the chain.
For instance, say you have backup job with increments and the password has changed once or several times.
So when you are importing a backup file, you will need to specify the whole set of passwords that were used for the files encryption in the chain.
-
- Veteran
- Posts: 338
- Liked: 35 times
- Joined: Jan 20, 2012 2:36 pm
- Full Name: Christensen Farms
- Contact:
Re: How Encryption Works
So are keys automatically created in Enterprise Manager without me doing a thing? Or do I need to make changes there when I enable encryption?
If I have a backup that is a year old that I need to restore from tape, and the encryption key has changed a few times since then, I'd need to have record of what encryption keys go to which backups correct? That is where I think a best practice of continually changing encryption keys can be dangerous.
If I have a backup that is a year old that I need to restore from tape, and the encryption key has changed a few times since then, I'd need to have record of what encryption keys go to which backups correct? That is where I think a best practice of continually changing encryption keys can be dangerous.
-
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: How Encryption Works
No need for any additional steps, everything is pretty automatic. Probably this description will answer most of the questions.cffit wrote:So are keys automatically created in Enterprise Manager without me doing a thing? Or do I need to make changes there when I enable encryption?
If the backup is not registered in Veeam B&R console anymore or information about the tape is not available in the catalog, then yes, you need to remember all the keys. That is why we've implemented lost password protection.cffit wrote:If I have a backup that is a year old that I need to restore from tape, and the encryption key has changed a few times since then, I'd need to have record of what encryption keys go to which backups correct? That is where I think a best practice of continually changing encryption keys can be dangerous.
Who is online
Users browsing this forum: Bing [Bot] and 34 guests