tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

docs: clarify that client-server communication is secure

Browse Source 
This clarifies the fact that all communication between client and server
uses TLS for secure communication.

Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
This commit is contained in:
Dylan Whyte 2021-01-19 15:17:21 +01:00 committed by Dietmar Maurer
parent bf78f70885
commit 44a5f38bc4
2 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/faq.rst
View File

@ -53,9 +53,12 @@ checksums. This manifest file is used to verify the integrity of each backup.
When backing up to remote servers, do I have to trust the remote server? When backing up to remote servers, do I have to trust the remote server?
------------------------------------------------------------------------ ------------------------------------------------------------------------
Proxmox Backup Server supports client-side encryption, meaning your data is Proxmox Backup Server transfers data via `Transport Layer Security (TLS)
encrypted before it reaches the server. Thus, in the event that an attacker <https://en.wikipedia.org/wiki/Transport_Layer_Security>`_ and additionally
gains access to the server, they will not be able to read the data. supports client-side encryption. This means that data is transferred securely
and can be encrypted before it reaches the server. Thus, in the event that an
attacker gains access to the server or any point of the network, they will not
be able to read the data.
.. note:: Encryption is not enabled by default. To set up encryption, see the .. note:: Encryption is not enabled by default. To set up encryption, see the
`Encryption `Encryption

16
docs/introduction.rst
View File

@ -14,11 +14,12 @@ It supports deduplication, compression, and authenticated
encryption (AE_). Using :term:`Rust` as the implementation language guarantees high encryption (AE_). Using :term:`Rust` as the implementation language guarantees high
performance, low resource usage, and a safe, high-quality codebase. performance, low resource usage, and a safe, high-quality codebase.
Proxmox Backup uses state of the art cryptography for client communication and Proxmox Backup uses state of the art cryptography for both client-server
backup content :ref:`encryption <encryption>`. Encryption is done on the communication and backup content :ref:`encryption <encryption>`. All
client side, making it safer to back up data to targets that are not fully client-server communication uses `TLS
trusted. <https://en.wikipedia.org/wiki/Transport_Layer_Security>`_, and backup data can
be encrypted on the client-side before sending, making it safer to back up data
to targets that are not fully trusted.
Architecture Architecture
------------ ------------
@ -65,8 +66,9 @@ Main Features
several gigabytes of data per second. several gigabytes of data per second.
:Encryption: Backups can be encrypted on the client-side, using AES-256 in :Encryption: Backups can be encrypted on the client-side, using AES-256 in
Galois/Counter Mode (GCM_) mode. This authenticated encryption (AE_) mode Galois/Counter Mode (GCM_). This authenticated encryption (AE_) mode
provides very high performance on modern hardware. provides very high performance on modern hardware. In addition to client-side
encryption, all data is transferred via a secure TLS connection.
:Web interface: Manage the Proxmox Backup Server with the integrated, web-based :Web interface: Manage the Proxmox Backup Server with the integrated, web-based
user interface. user interface.