Does passbolt backup.sql content is encrypted?

I have been wondering if the content of Passbolt backup file (backup.sql) is encrypted or not. If it is not encrypted, how to encrypt it and how to set password on the backup.sql file so people cannot easily access the content.

Hello @haziqmr, welcome to the forum.

backup.sql is the content of the database, so passwords and descriptions are encrypted by default, but other things are not.
If you want to encrypt backup.sql it is possible to encrypt it with GPG.

  • import your gpg public key: gpg --import <YOUR_PUBLIC_KEY_FILE>

  • encrypt the file: gpg --recipient <EMAIL_FROM_THE_IMPORTED_PK> --encrypt backup.sql

Since the backup has been generated from the server, and the server got the keyring of your public key, you can use it to encrypt/decrypt the content of backup.sql
Please note that to use the backup file you will have to decrypt it with your private key so make sure to have it somewhere safe.