Skip to content
Client Side Encrypted Backups - easy to use and zero chance of corruption.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Client Side Encrypted Backups

Easy to use and zero chance of corruption.


There are a number of encrypted backup programs available, however most can't prevent the occasional creation of a corrupt backup. Client-Side-Encrypted-Backups always produces reliable backups. Since corruption is not possible with Client-Side-Encrypted-Backups, only one full backup is needed (the first time that you do a backup).


  • A computer running Linux
  • Access to a SFTP server (in the cloud, at your office, at your place, anywhere). This is were your backups will be stored. If you don't have access to one, you can use CloudBuddy.

To Backup

user:~$ backup no-label|label-name


user:~$ backup no-label
user:~$ backup secrets-of-the-world

Examples of what the backup will be named on the server


To Restore

user:~$ restore name-of-backup


user:~$ restore hp-desktop**2019-03-21__12:28am
user:~$ restore hp-desktop**secrets-of-the-world**2019-03-21__12:28am


  1. Clone the repo
  2. cd Client-Side-Encrypted-Backups
  3. sudo ./ (Note: 'sudo' is required because all built binaries are copied to /usr/local/bin)

Setup Instructions

  1. Enter your information in config files [1] - [4], which are located in- $HOME/.cloudbuddy/input
    Note: leave config files [5] - [7] blank for this step
  2. Do a backup (see the To Backup section above for usage). It will ask you if you approve of the files that will go into the backup. If you see a file that you don't want to be in the backup, follow these steps:
    • select: Do not continue with the backup
    • add it to one of these config files: [5], [6] or [7]
    • run again

Here To Help

I'm of the opinion that as much as possible of a person's private 'stuff' should be encrypted so that it cannot be viewed by others. I've been doing backups in this manner for a while and decided to make it available so that others could use.

If you have questions, please contact me -


  • If you don't want to be prompted for your SFTP password every time that you do a backup (or a restore), then you can setup SSH public-key authentication. If you are using CloudBuddy to store your backups, those one time setup instructions are located here.
  • A log containing all files that you have backed up is located here: $HOME/.cloudbuddy/log/completed_backups
  • By default, the first backup is a full backup and every future one thereafter is incremental.
  • ccrypt provides the encryption for Client-Side-Encrypted-Backups.
  • (Ignore this section unless you want to alter the default behavior of Client-Side-Encrypted-Backups for some specific reason). Files that are created or modified after the timestamp on the timeStampMarker file will go into your backup as per your config file 1 minus config files 5-7 settings. Some examples below change the timestamp on the timeStampMarker file.
	# If you'd like a file to be in your next backup that hasn't changed since the previous backup
	# you can include it by refreshing it's timestamp
	touch path/file-name
	# set the timestamp of the timeStampMarker file to Epoch ()
	touch --date=@0 $HOME/.cloudbuddy/input/timeStampMarker

	# set the timestamp of the timeStampMarker file to 10pm on 1/1/2000
	touch -d "01 Jan 2000 20:00:00" $HOME/.cloudbuddy/input/timeStampMarker

	# set the timestamp of the timeStampMarker file to 12:30am on 3/27/2018
	touch -d "27 Mar 2018 00:30:00" $HOME/.cloudbuddy/input/timeStampMarker
You can’t perform that action at this time.