Will the Operator be prompted for a security key when an end-user submits a restore from a backup that has been encrypted by VM:Backup?
No, the Operator is not prompted for a security key when an end-user submits a restore. However, when restoring from an encrypted backup, the end-user is prompted for the key. The user is not presented with a list of files that have been backed up, so, they will have to enter the specific filename/filetype of the file they wish to restore.
VM:Backup has multiple encryptions algorithms to choose from.
When a customer decides to use encryption they need to specify two things for every backup and every restore:
- The encryption algorithm VM:Backup should use during the job (backup or restore) and
- The encryption key to use during the job (backup or restore).
Therefore, a backup job using the AES 128 encryption algorithm will need an AES 128 encryption key to go with it. A restore job of this data will need to specify the AES 128 algorithm to use and the same AES 128 encryption key used at backup time.
A backup job using the AES 256 encryption algorithm will need an AES 256 encryption key to go with it. A restore job of this data will need to specify the AES 256 encryption algorithm and the associated AES 256 encryption key used at the time of the backup.
You will need to make note of what algorithm was used for what job.