Generate a Keyfile
Generating random keys
resticprofile has a handy tool to generate cryptographically secure random keys encoded in base64. You can simply put this key into a file and use it as a strong key for restic.
- On Linux and FreeBSD, the generator uses
getrandom(2)if available,/dev/urandomotherwise. - On OpenBSD and macOS, the generator uses
getentropy(2). - On other Unix-like systems, the generator reads from
/dev/urandom. - On Windows systems, the generator uses the uses the RtlGenRandom API.
- On JS/Wasm, the generator uses the Web Crypto API.
- On WASIP1/Wasm, the generator uses
random_getfromwasi_snapshot_preview1.
Reference from the Go documentation
resticprofile generate --random-keygenerates a 1024 bytes random key (converted into 1368 base64 characters) and displays it on the console
To generate a different size of key, you can specify the bytes length on the command line:
resticprofile generate --random-key 2048