Encrypted LAN transfers

I am currently testing urbackup and so far it looks really good!
However something is unclear to me. I am running windows clients version 2.5.20 and the linux (docker) server version 2.5.26.

The server admin guide states:

The transfer of data from client to server is unencrypted on the local network allowing eavesdrop-
ping attacks to recover contents of the data that is backed up. With this in mind you should use
UrBackup only in trusted local networks. Be aware that it is really easy to redirect traffic in local
networks if no action has been taken to prevent that.

However in the client changelog for version 2.5.19, I can read:

Local connection between server and client can now be encrypted

There is also this commit: Add local/passive connection encryption/compression · uroni/urbackup_backend@225ef5e · GitHub

Does it mean that the traffic is now encrypted also on local networks? How can I make sure that the traffic is encrypted? I saw a setting on the server side (Encrypt local/passive transfers) but nothing in the client GUI.


Yes, encryption can now be enabled in the server-side settings (as of a fairly recent update) and I believe the admin guide is just out of date. I don’t believe there is any client-side settings for this as it’s controlled at the server level.

1 Like