This page describes how to manually store a backup file in case a local copy is needed.
Every backup is encrypted from the a9s Backup Agent using the OpenSSL library which is shipped with the underlying stemcell. For Stemcells below Ubuntu-Bionic, the OpenSSL library is on version 1.0.x. When the backup is encrypted with this OpenSSL version, you're not able to decrypt the backup with OpenSSL 1.1.x. This means when you want to decrypt a backup, you need the following OpenSSL version:
|below Ubuntu-Bionic (Ubuntu 18.04)
|Ubuntu-Bionic (Ubuntu 18.04) and above
The same is valid when Ubuntu Bionic is used. It uses OpenSSL 1.1.x to encrypt backups so you won't be able to decrypt backups with OpenSSL 1.0.x.
Create and Download Backup File
By default, backup files are encrypted with a secret key. That secret key is generated by the a9s Backup Manager.
To be able to download the backup, the user has to set up an encryption key.
To set up an encryption key and download the backup, you can follow these steps: Download a Backup.
Decrypting Backup Files
You can decrypt a backup file with the openssl program.
Use the following command:
cat <encrypted-backup-file> | openssl enc -aes256 -md md5 -d -pass 'pass:<encryption-key>' > <decrypted-backup-file>.gz
The file will still be compressed, so you will need to decompress it:
cat <decrypted-backup-file>.gz | gunzip -c > <backup-file-name>
Every service creates the backup according to its architecture (single vs cluster) and backup type (logical, continuous archiving etc).
Each service provides tools that handle the data by itself. For this reason, the output of this command can be a still zipped file, POSIX tar archive, a binary file, or a plain text file.
To know how to proceed, click the service below for more details:
You can also check the header of the file to decide how to decompress it.
|How to extract
POSIX tar archive (GNU)
tar -xvf <backup-file-name>
gzip compressed data
|It's ready to use as plain text data or as binary.
Be careful here, since the output of this command can be multiple files.
At this point, you will have your local backup ready to be manually restored in another place.