- 2 minutes to read
- Print
- DarkLight
- PDF
How to export and open data from senhasegura
- 2 minutes to read
- Print
- DarkLight
- PDF
Requirements
- Have the System Administrator role.
Path to access
- In senhasegura, in the upper-left corner, click the Grid Menu, represented by nine squares, and select Settings.
- In the side menu, select Backup > Export history
Export data
- In the Export history report, in the lower-right corner, click Export info.
- You'll be directed to the Export info window. In this window, fill in the following fields:
- Key mode: select one of the two options:
- Parts: you'll need to enter the parts of the master key.
- In this case, you should enter one part per line in the text field Parts of ley (one per line), which is located just below the two options.
- Complete key: you'll need to enter the master key obtained in the master key ceremony.
- In this case, you should enter the complete master key in the text field Master key, just below the Parts of key field.
- Parts: you'll need to enter the parts of the master key.
- Key mode: select one of the two options:
- Click Export data.
A message indicating the success of the operation will appear, and the export request record will be displayed in the Export history report. To download the data, you'll need to wait until it becomes available. When the download is ready, the Download option will be available in the Action column of the report.
Open the backup file
The encryption of a backup is generated based on the master key that was active in the system at that exact moment. If a new master key ceremony has occurred, resulting in the generation of a new cryptographic key, it won't be possible to access a backup created earlier, as it's linked to the previous master key.
Requirements
- You must have AES Crypt installed, according to the operating system you're using, to decrypt the backup files.
- The procedures described below assume that the directories and paths indicated are the default directories and paths.
Open files on Windows
- After clicking Download, a
tar.gz
file will be downloaded. You'll need to unzip this file. - After unzipping the backup file, navigate through the folder structure to the data you want to decrypt.
Directory structure
The directory structure for saved files follows this pattern:
YYYY-MM-DD/
├── Credentials/
│ ├── [device1]/
│ │ └── credential_1.aes
│ ├── [device2]/
│ │ └── credential_2.aes
│ └── [deviceN]/
│ └── credential_N.aes
└── Sshkeys/
└── ...
Where:
- YYYY-MM-DD represents the file creation date (year-month-day).
- [dispositivo1], [dispositivo2], etc., are the names of devices registered in the vault.
Locating and decrypting process
- Access the folder with the desired date (for example,
2024-09-13
). - Access the
Credentials
subfolder. - Choose the folder of the specific device (for example,
ubuntu
,debian
,win2000
). - Locate the
.aes
file corresponding to the desired credential (for example,credencial_1.aes
). To decrypt the.aes
file, use the AES Crypt.
Example
For a file created on September 13, 2024, containing credentials for an Ubuntu device:
- Access the
2024-09-13
folder. - Enter the
Credentials
subfolder. - Open the
ubuntu
folder. - Locate the
credential_1.aes
file. - Use AES Crypt to decrypt
credential_1.aes
.
Make sure you have the necessary permissions and the correct decryption key when using AES Crypt.
Open files on Linux
- Through the command line, access the shared folder that receives the senhasegura backup data.
- Locate the folder where the files are stored and look for the path
/srv/backup_remoto/secrets/
. - Choose the folder with the date you want to access the backup.
- Choose the file with the
.aes
extension. In the terminal, type the commandaescrypt -d -p <MasterKeyPassword> <file.aes>
to decrypt the backup file.
Você ainda tem dúvidas? Entre em contato com a Comunidade senhasegura.