I’m trying to come up with a plan for backing up my personal files and server. In typical 3-2-1 style, I plan on having a local backup on device, local backup on my NAS, and cloud storage that’s encrypted before uploading (i.e. not via the cloud platform)

Disaster strikes - flood, fire, a particularly dedicated duck - all local data is gone and I have to restore from cloud. It’s encrypted, so clearly I need the key. Where do I store it?

I dont wanna rely on my memory or another server / service. I was considering making a bitwarden account since I already use a self-hosted vaultwarden for my logins and the chance of both bitwarden and my cloud storage both being compromised at the same time seems low, but you need a password and I will definitely forget. The backups have to be automatic so they can’t rely on something that needs my input.

Any ideas?

  • old_knurd@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I would be very very cautious about this.

    My experience with iPhones is that the fingerprint sensor can stop working if not used for a few months. What makes you confident that your USB key will be better?

    Unless you have reason to not trust the State or Federal government, you’re better off keeping stuff in plain text in the box.

    What about your key to the box? Is the key with you at all times? Is it a bank where people know you well? No key means the box will need to be drilled out, so be prepared to convince the bank that you are who you say you are.

    • JohnStern42@alien.topB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I’m sorry, but what? Fingerprint sensors on iPhones don’t fail if not used for a while. I can find no evidence of that.

      As for my situation, I’ve only detailed one aspect, I have other available avenues including copies in my desk at work and a personal safe.

      As for loosing a safety deposit box key, that’s a nothingburger, it happens all the time. Yes one would have to prove their identity to the bank to get the lock drilled out, so what? Wife’s name is on the box, so no biggie, heck the bank even specifies the ‘drill out’ charge in the contract I signed.

      As for ‘trusting’ the government, I don’t understand your point. What I don’t trust is a rogue employee at the bank, or someone convincing the bank they are me. I NEVER leave anything in the clear, always have at least a few stages to invoke the Swiss cheese model