Generate a Keyfile
Generating random keys
Resticprofile includes a tool to generate cryptographically secure, base64-encoded random keys. Save the key to a file and use it as a strong key for Restic.
- On Linux, FreeBSD, Dragonfly, and Solaris, Reader uses
getrandom(2)
. - On legacy Linux (< 3.17), it uses
/dev/urandom
. - On macOS, and OpenBSD Reader, uses
arc4random_buf(3)
. - On NetBSD, Reader uses the kern.arandom sysctl.
- On Windows, Reader uses the ProcessPrng API.
Reference from the Go cryto library documentation
resticprofile generate --random-key
Generates a 1024-byte random key (converted to 1368 Base64 characters) and displays it in the console.
To generate a key of a different size, specify the byte length in the command line.
resticprofile generate --random-key 2048