Question on ACB
-
When a new, replacement FW is built and a new Device Key is created, what happens to the old backups on Netgate's
side hooked to the old Device Key? Thanks for reading. -
The encrypted backups remain on the server in case you need to restore them using the old key.
As far as I know there is no policy in place to remove them but I expect that will change at some point if the required storage volume became in issue.
Steve
-
@stephenw10
Thanks for the reply. I just happened to think of this when I last rebuilt my home FW. I suppose they could run a routine to delete backups under any Device Key that hasn't been accessed in, say, 3 months, as I'm sure that would indicate the FW is no longer active. Pretty sure anyone using the facility would be backing up once a week if not more often. Thanks again. -
Just found this thread and I guess it will already answer my question.
I was forced to install one of my SG-3100 applicances from scratch (for any reasons GUI was unresponsive after update to 22.01, at 2nd SG-3100 all was fine).
By accident I did not backup the SSH keys, so after new installation the applicance created a new device key for ACB.
I was able to perform a configuration restore (old device key was known and stored locally), but I was wondering about how to delete the old backups.
So far as I found here it is not possible to manage the old backups and they will kept on the server!?It should be a thought at Netgate to make this backups manageable/deletable, may be in combination with the stored backup password.
Regards
-
Yes, it's something we would like to see. A new front-end for accessing and managing backups outside the pfSense interface is something we are working towards.
Steve