AutoConfigBackup Configuration
To configure the Automatic Configuration Backup Service, navigate to Services > Auto Config Backup, Settings tab in the pfSense® software GUI.
This document describes each option available on the Settings tab.
Enable ACB
When checked, AutoConfigBackup is active and will make automatic configuration backups as determined by the other settings on this page.
Backup Frequency
This option controls when AutoConfigBackup creates backups.
- On Every Configuration Change:
When selected, AutoConfigBackup will create a backup on every significant configuration change.
Note
Some minor configuration changes are safely ignored if they do not impact functionality.
- On a Regular Schedule:
Enables Schedule controls to create periodic backups at specific times instead of creating a backup on every change. This can be more efficient on systems with many frequent changes.
Tip
The default schedule creates a backup once per day. In most cases it should not be set more frequently than that, or at most 2-4 times per day. If a device requires more frequent backups, backing up each change is likely a better practice.
Note
If the configuration has not changed since the previous scheduled backup time, AutoConfigBackup will not make a new backup.
Schedule
Controls the Minute of the hour, Hours of the day, Day of the month, Month of the year, and Day of the week on which backups are performed using standard cron format.
The value of Minute is randomized until the page is saved. The default value of Hours is 0. The default for Day, Month, and Day of Week are all *. This results in a default schedule of a backup taken each day during the midnight hour at a random minute.
Note
This control is only visible when Backup Frequency is set to On a Regular Schedule.
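An added example, not part of the pfSense documentation or code: a Python check that expands the Minute and Hours fields of a schedule and counts how many backups per day result, flagging anything above the 2-4 per day suggested in the Tip above. The function names and the `max_per_day` threshold of 4 are assumptions for illustration; Day, Month and Day of week are carried along but not evaluated.

```python
import random

# Valid ranges for the two fields that decide how often a backup runs within a day.
RANGES = {"minute": (0, 59), "hour": (0, 23)}

def expand(field, lo, hi):
    """Expand one cron field (*, N, A-B, comma lists, /step) into sorted values."""
    values = set()
    for part in field.split(","):
        base, _, step = part.partition("/")
        step = int(step) if step else 1
        if step < 1:
            raise ValueError(f"bad step in {part!r}")
        if base == "*":
            start, end = lo, hi
        elif "-" in base:
            start, end = (int(x) for x in base.split("-", 1))
        else:
            start = end = int(base)
        if not (lo <= start <= end <= hi):
            raise ValueError(f"{part!r} is outside {lo}-{hi}")
        values.update(range(start, end + 1, step))
    return sorted(values)

def runs_per_day(minute, hour):
    """Backups per day on any day the schedule matches."""
    return len(expand(minute, *RANGES["minute"])) * len(expand(hour, *RANGES["hour"]))

def default_schedule(rng=random):
    """Default described on the page: random Minute, Hours 0, all other fields *."""
    return [str(rng.randrange(60)), "0", "*", "*", "*"]

def check(schedule, max_per_day=4):
    """Return (runs, ok); ok is False when the schedule exceeds max_per_day."""
    runs = runs_per_day(schedule[0], schedule[1])
    return runs, runs <= max_per_day

if __name__ == "__main__":
    # Constructed sample schedules: Minute, Hours, Day, Month, Day of week.
    samples = (default_schedule(),
               ["17", "0,6,12,18", "*", "*", "*"],
               ["*/5", "*", "*", "*", "*"])
    for sched in samples:
        runs, ok = check(sched)
        verdict = "OK" if ok else "too frequent; consider On Every Configuration Change"
        print(" ".join(sched), "->", runs, "runs/day:", verdict)
```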
Device Key
The AutoConfigBackup service requires a unique identifier for each device, called the Device Key. AutoConfigBackup uses the device key to identify entries belonging to a specific device when uploading or retrieving backups, similar to a username.
AutoConfigBackup displays the device key on each AutoConfigBackup tab for reference.
Warning
Treat this key as a secret!
Anyone who has this key can manipulate the backups for this key.
The device key value defaults to a randomly generated string for new configurations as well as upgraded configurations with AutoConfigBackup disabled. This randomized device key is stored in the configuration. Previous versions of AutoConfigBackup used the SHA256 hash of the SSH public key on the device to generate the device key. These older style keys are now called “legacy keys”.
Note
Upgraded AutoConfigBackup configurations which are enabled and using a legacy key will continue using the legacy key until the key is changed manually or AutoConfigBackup is disabled.
Next to the Device Key reference field there is a Change Key button. This button navigates to the Change Device Key page which allows administrators to generate or enter a new Device Key.
Warning
Keep a careful record of this Device Key!
Each AutoConfigBackup tab has a download icon to save a local copy of the device key. Store this key in a safe and secure location.
If an administrator loses the Device Key, there is a chance Netgate TAC can help recover the key if AutoConfigBackup has a unique Hint/Identifier. If the hint is distinct, Netgate TAC may be able to use it to recover the device key. Do not count on this though!
Encryption Password
AutoConfigBackup encrypts the backup using the AES-256-CBC algorithm and this Encryption Password before it transmits the configuration to the AutoConfigBackup servers hosted by Netgate®.
Warning
This password is an encryption key, so the best practice is to use a long and complex string to ensure the backup contents are securely encrypted.
AutoConfigBackup only uses this password locally for encryption and decryption. It does not use or transmit the password as a login/credential.
When an administrator restores, views, or downloads an entry from the list of available remote backups, AutoConfigBackup fetches the remote backup entry and decrypts it with this password.
Danger
Keep a careful record of the encryption password! The encryption password is private and only known to the local device.
If the administrator loses the Encryption Password the backup contents cannot be recovered.
Danger
Changing this password will make AutoConfigBackup encrypt new backups using the new password, but old backups using a different password will no longer be readable by AutoConfigBackup.
Hint/Identifier
AutoConfigBackup sends the contents of the optional Hint/Identifier field as plain text metadata along with the encrypted configuration. This value is not visible to users; it is only visible to Netgate TAC.
If this hint is unique, it may allow Netgate TAC to locate a missing device key.
Manual Backup Limit
This setting controls the number of manual backups AutoConfigBackup will retain.
AutoConfigBackup can retain up to 50 manual backups, which it will not overwrite with automatic backups. Manual backups still count against the 100 backup limit. When the number of manual backups exceeds this limit, AutoConfigBackup will remove older manual backups.
Descending Date Order
When set, AutoConfigBackup will sort the list of backup entries on the Restore tab in descending order by date (newest first) instead of the default order, which is oldest first.