Allow client-side encrypted backups for Android app

Nazar Mokrynskyi nazar at mokrynskyi.com
Wed Feb 8 14:00:09 UTC 2023


No, I'm requesting for Wireguard Android app to stop intentionally disallowing backups:
https://git.zx2c4.com/wireguard-android/tree/ui/src/main/AndroidManifest.xml?id=713947e432126e0e29dcf497960e5fa0f6301e2b#n36

Sincerely, Nazar Mokrynskyi
github.com/nazar-pc

08.02.23 15:34, John Sahhar пише:
> I missed the intro to this thread, but if I'm understanding correctly
> you need a safe way to back up your wg keys/configs? I wrote a bash
> script a few years ago which I use for that, perhaps a starting place
> for what you're trying to accomplish.
>
> https://github.com/ok-john/wireguard-tools/tree/master/contrib/key-grid
> https://syscall.network/releases/key-grid.svg
>
> --
> Regards,
> John Sahhar
> Cryptographer @ Entropy
>
> On Wed, Feb 8, 2023 at 12:44 PM Nazar Mokrynskyi <nazar at mokrynskyi.com> wrote:
>> I know there is an export feature in the app and I used it successfully, but it doesn't make much sense to me to have that and disable OS backups at the same time.
>> There are use cases for one-off copying of things for which exporting as zip is great, but there are also others.
>>
>> I don't want to have set a reminder and regularly go though every single app manually, use their flavor of backup feature (that doesn't necessarily store everything BTW, including in Wireguard), then collect the files somehow, encrypt them and send to the destination.
>>
>> What I want is automation: configure the tool (SeedVault in my case) to create backups of all apps every day and store them in encrypted form on my private Nextcloud instance with ability to restore backups easily later on.
>> The issue is that some apps like Wireguard prevent me from enjoying that workflow fully and right now I don't see why would it be beneficial for Wireguard to intentionally prevent that.
>>
>> With that context I hope it is clearer why I'd appreciate for current design decision around that to be re-evaluated.
>>
>> Sincerely, Nazar Mokrynskyi
>> github.com/nazar-pc
>>
>> 08.02.23 04:19, David Cowden пише:
>>> On Android 12+ you can configure which files are backed up (among other things) at runtime using the BackupAgent API https://developer.android.com/guide/topics/data/autobackup. Would you be opposed to this being a configurable option that defaults to off?
>>>
>>> David
>>>
>>> ------- Original Message -------
>>> On Tuesday, February 7th, 2023 at 7:03 PM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>>>
>>>
>>>> I think I'd prefer to still keep this a bit more locked down. There is
>>>> the "export tunnels as zip" feature (which requires an explicit
>>>> authentication step each time), which you can use for backup/restore.
>>>>
>>>> Jason
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x8CF6D73DB34AAFEA.asc
Type: application/pgp-keys
Size: 4678 bytes
Desc: OpenPGP public key
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20230208/4d5deeeb/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20230208/4d5deeeb/attachment.sig>


More information about the WireGuard mailing list