Login | Register
ID #1006

How do I decrypt encrypted EHCP Backup Files, and how does the backup / restore process work?

Decrypting Encrypted EHCP Remote Backups

 

If you've used the schedule a remote backup feature (available to admin users), EHCP will create an ecrypted archive using OpenSSL.  The backup file will end with the .enc extension.  This backup archive is then transferred to another remote server based on the settings you specified (transferred by either FTP or SCP transfer).  If you ever need to restore this backup, you can restore it from the local or remote copy. 

 

If you're using the remote copy that you transferred to another server to have multiple copies of your backup, the first thing you need to do is unencrypt the backup file by using the following command.

 

For SCP (By Default SCP Transfers the Encrypted File to the User's Home Directory)

cd /home/{YOUR_USERNAME}
openssl enc -aes-256-cbc -d -in {YOUR_BACKUP_FILE_NAME}.tgz.enc -out {YOUR_BACKUP_FILE_NAME}.tgz -k '{YOUR_ENCRYPTION_PASSWORD_STORED_IN_THE_PANEL}'

 

For FTP (Backup File Could Be Anywhere)

cd /{dir_with_backup}
openssl enc -aes-256-cbc -d -in {YOUR_BACKUP_FILE_NAME}.tgz.enc -out /home/{YOUR_USERNAME}/{YOUR_BACKUP_FILE_NAME}.tgz -k '{YOUR_ENCRYPTION_PASSWORD_STORED_IN_THE_PANEL}'
cd /home/{YOUR_USERNAME}

 

Please be sure to name the unencrypted .tgz file the same name as it was before (minus the ".enc" extension). If you do NOT do this, the restore process in the EHCP control panel will fail as it expects the extracted folder name from the tgz file to match its filename.

For example, if my encrypted backup file is named "1_1_1_1_mondaybk_4_3_2015_090017_ehcp_backup.tgz.enc", I would use "1_1_1_1_mondaybk_4_3_2015_090017_ehcp_backup.tgz" as the value after the "-out" parameter from the OpenSSL commands above.  In the control panel itself, I would use "1_1_1_1_mondaybk_4_3_2015_090017_ehcp_backup.tgz" as the name of the backup to begin the restore process.

 

Restoring an EHCP Backup on Any Server

 

To a restore a backup on any server with EHCP installed, you must copy the .tgz file to the server's /var/backup directory. If the folder does not exist, you need to create it as the root user:

sudo mkdir -p /var/backup

 

Next, go to the panel, login as admin, and choose "Restore Backup" in the main options. Enter the path to the backup file which ends in the .tgz extension. In our example, the full path would be /var/backup/{YOUR_BACKUP_FILE_NAME}.tgz

The daemon will import all of your backup up files including database copies, email accounts, and more.

Tags: backup, backups, decrypt, encrypted, encryption, file, files, remote, restore, schedule, scheduled, unencrypt

Related entries:

You cannot comment on this entry