How to decrypt your AES-encrypted backups?
Decrypt backups step by step using your RSA private key and AES
Steps to decrypt AES-encrypted backup
- Download your encrypted backup
- Download the AES encryption passphrase
- Decrypt the encryption passphrase using your RSA private key
- Decrypt your backup using the decrypted passphrase
Step 1. Decrypt your encryption passphrase first using the following command:
cat encryption-passphrase.pass | base64 -d | openssl rsautl -decrypt -inkey private-key.pem -out decryption-passphrase.txt
private-key.pem is your private key (you never share it with anyone),
encryption-passphrase.pass is the encrypted passphrase used to encrypt your backup via AES-256.
Step 2. Finally, to decrypt your backup, you could use the following command:
openssl enc -d -aes-256-cbc -md sha512 -in encrypted-file-from-simplebackups.sql.gz -out decrypted-file.sql.gz -pass file:/home/path/decryption-passphrase.txt
encrypted-file-from-simplebackups.sql.gz is your encrypted SimpleBackups backup archive,
decryption-passphrase.txt is the decrypted passphrase which will decrypt your backup.
encryption-passphrase.passcan only be decrypted using your RSA private key
- Your backup can only be decrypted using the decrypted
- We store your
encryption-passphrase.passon our side, it is unique per backup run
- You are responsible for securing, and keep your
- No one can read or decrypt your encrypted backups, except you