So you would have to backup to the local host, then download it?
Maybe I’m being naive, but if I backup to my NAS, my home assistant fails, how do I access it unencrypted?
I hope I am being stupid, because I want this to work
5 Likes
If your HA failed, you would restore it from the encrypted backup. I think that PR is a result of people saying they need unencrypted backup to manually copy paste some code from it.
AAAAHHHH WTH?! If i just add unencrypted tar to my usr\share\hassio\backup
Home assistant isnt picking it up…
Also deleted a file and it kept showing up in home assistant… so had to add dummy file again with same “slug” id and then remove it from home assistant… 
Is home assistant backup part keeping a local database / json somewhere of the backup files?
Also uploading gives me 413 error…
i suppose when you create a backup you can downloaded unecrypted tar?
I guess we are all just speculating on commits. Maybe there will be more.
But given the lack of information, what else can we do?
Decisions have been made as people are committing stuff… But no one can tell us what those decisions were…
I’m gonna bite my tongue as the ban hammer was waved,
7 Likes
It feels like this whole backup thing isn’t even in beta yet… maybe alpha or something.
Bugs and errors and now i cannot restore a prevriously unencrypted backup…
Please go back to the drawing board with this…
It actually hasn’t been fully swung, most people stopped when asked. 
I’ve stated more than once that we are still finalizing things. Speculating won’t help anyone in here.
3 Likes
2 Likes
Have you ever tried to download the backup through WEB interface of HA?
It’s an interesting experience, especially looking at system resources disappearing…
Consideration of uploading/downloading backups through HTTP alone is pure off.
I just can see the next wave of complaints, once we get the option to decrypt backups automatically… exclusively for HTTP downloads 
4 Likes
Nope, I have never tried that 
Anyway, it’s just one or two PRs. Nobody said this is all that will happen about the encryption.
It’s clear that the developers are serious about security, even if some think they’ve gone a bit overboard with the encryption, so I’m sure they will provide us with the options we asked for. Hopefully before the end of the month, but if not, I’m sure they should make it into the beta for next month.
1 Like
Hope is not a plan.
The problem is yes the planners are serious about security. Unfortunately if you’re not a security person all the time you can often make insecure or inadvisable decisions in the ‘name of’ security that ‘seem’ better. But it’s a big problem and there are entire practices of study around this that a lot of us hang our entire CAREERS on Thus why we tend to be a vocal bunch. And (good) security pros are trained to always point out the flaw.
Nobody seriously thinks it malicious as far as I read. Just decisions (seem to have been) made without either a security or infrastructure architect. Don’t get me wrong I love my developers but developer architects simply do NOT think as security or infrastructure architecture pukes do.
Infrastructure guys are no stop woah while dev is go go go. Which one do you want writing your code? Infra people are notorious progress blockers. We know it. And it leads to these kinds of things.
It happens. However hope is still not a plan. Calm discussion about what happened and why and discussing the reasoning below the decisions on both sides. I’m eager to hear what they came up with.
Sooner rather than later. That part is where I hope.
8 Likes
Upgrading to the latest version caused all my hacs lovelace addons to break, getting a 404 for js files that absolutely exist. Curling them from their expected urls fails. Only thing that fixed it was rolling back the update from a backup.
After hearing all this about encrypted backups not having opt out (which I don’t want at all) I think I’ll hold off updating for January until the smoke clears.
In case any decision makers actually read this (I’ve contributed to HA before, but the people that make these big decisions are not the rando contributors like me). Encrypt by default is fine, but there needs to be a way to opt out. many people have lost the keys to their million dollars of bitcoin, if that happens then you’re no doubt going to have people lose access to their backups. yes config files can have passwords in them, but if they aren’t encrypted in on the HA system then why do they have to be encrypted in a backup? That’s like saying trust home assistant but don’t trust yourself. Pop up a “Backups may contain password or other sensitive data and should be treated as such” so that its not a secret to noobs and then let me decided how to manage my backups.
1 Like
(post deleted by author)