One more TrueCloud Backup question that wasn’t answered on the “Manage” page.
Is the “Password” field of the task page used to encrypt the data before it leaves TrueNAS such that Storj cannot see the contents of the data? It appears to be the case that it’s encrypted so I just want to confirm that and whether the “Password” field plays a role in that or if it’s used for something else.
Thanks in advance!
Primarily all I care about is: Is this the client side encryption password so that Storj knows nothing about my data?
A “yes” or “no” answer is perfectly sufficient for me.
Thanks!
This is what we have documented:
Enter a password for the backup repository. Record this password in a secure location. Required to recreate the task using the same bucket/folder, such as in a new TrueNAS install or system, or to restore data from the existing snapshots in another TrueNAS system.
I’m not aware of any encryption related to this password.
Yes, which is why I would like an absolute yes or no to this. Restic (which is the backend of TrueCloud Backup as far as I can tell) requires a password and the Restic docs say that all data is encrypted with AES-256. I just want to make sure that TrueNAS isn’t doing anything funky behind the scenes such that the data stored could be accessed by anyone other than myself.
The only thing TrueNAS does with the provided password is pass it to restic via the environment variable “RESTIC_PASSWORD” each time the repository is accessed. TrueNAS leaves the encryption to restic alone.
Perfect. That’s what I needed to know. Thank you @creatorcary !
