Here’s a step-by-step guide on how to set up Duplicity for encrypted backups:
sudo apt update
sudo apt install duplicity
sudo dnf install duplicity
sudo pacman -S duplicity
Duplicity uses GnuPG to encrypt your backups, so you’ll need to have it installed:
sudo apt install gnupg
sudo dnf install gnupg2
sudo pacman -S gnupg
If you don’t already have a GPG key, create one:
gpg --full-generate-key
To verify the creation of your GPG key:
gpg --list-keys
You’ll need the GPG key ID for the next steps. It’s usually a 16-character hex string, visible after running gpg --list-keys.
You can now perform your first encrypted backup. Replace /path/to/source, user@server, and /path/to/destination with your specific directories and remote locations.
duplicity --encrypt-key YOUR_GPG_KEY /path/to/source scp://user@server//path/to/destination
--encrypt-key YOUR_GPG_KEY: This tells Duplicity to use the specified GPG key for encryption./path/to/source: This is the directory or file you want to back up.scp://user@server//path/to/destination: This is the remote or local backup destination (it can be a local directory, FTP server, or any supported backend).You can use a cron job to automate your backups. Here’s how to add a daily backup:
crontab -e
Then add the following line to schedule a daily backup at midnight:
0 0 * * * duplicity --encrypt-key YOUR_GPG_KEY /path/to/source scp://user@server//path/to/destination
To restore your backup to a specified directory:
duplicity restore scp://user@server//path/to/destination /path/to/restore
This will retrieve the backup and decrypt it using your GPG key.
To verify a backup (making sure it is complete and valid):
duplicity verify scp://user@server//path/to/destination /path/to/source
This compares the current source directory with the backup to confirm data integrity.
To list files in a backup:
duplicity list-current-files scp://user@server//path/to/destination
This helps verify which files are stored in your backup.
Do you need help or support for Duplicity? Feel free to contact us!