pgmoneta

home  
releases  
getting started  
tutorials  

github  
discussions  
issues  
license  
pgmoneta  

Configuration Metrics News About

Enable Encryption and Decryption in pgmoneta workflow

By default, the encryption is disabled. To enable this feature, modify pgmoneta.conf:
encryption = aes-256-cbc
    
Many encryption modes are supported, see Configuration for details.

as pgmoneta user

Encryption and Decryption Commands

pgmoneta use the same key created by pgmoneta-admin master-key to encrypt and decrypt files.

Encrypt a file with pgmoneta-cli encrypt, the file will be encrypted in place and remove unencrypted file on success.

  
pgmoneta-cli -c pgmoneta.conf encrypt <path-to-your-file>/file.tar.zstd
    
Decrypt a file with pgmoneta-cli decrypt, the file will be decrypted in place and remove encrypted file on success.
pgmoneta-cli -c pgmoneta.conf decrypt <path-to-your-file>/file.tar.zstd.aes
    
pgmoneta-cli encrypt and pgmoneta-cli decrypt are built to deal with files created by pgmoneta-cli archive. It can be used on other files though.