Tarsnap - Online backups for the truly paranoid

Navigation menu

Tarsnap Requirements

At the present time,

Getting started with Tarsnap

There are 6 steps before you can begin your first backup with Tarsnap:

1. Install the Tarsnap client code

2. Set up the configuration file

  • We recommend that you begin with the default configuration file:
    • If you are using the deb packages, then this file is already located in
    • If you are using a third-party package, then consult the relevant documentation to see where it installs the configuration file.
    • If you compiled from source, then:
      On most systems (Linux, macOS, etc.)
      sudo mv \
          /usr/local/etc/tarsnap.conf.sample \
      Other systems (without sudo)
      mv \
          /usr/local/etc/tarsnap.conf.sample \
  • You may check this text file (comments are indicated with the # character). Do not worry about the keyfile; that will be created in step 5.

3. Sign up for a Tarsnap account

  • Sign up on the Tarsnap registration page.
  • You will receive an email asking you to confirm your registration.

4. Deposit funds into your account

  • Log into the Tarsnap account management interface and add funds to your account.
  • The initial deposit must be $5 or more.

5. Register the machine(s) on which you will be using Tarsnap

  • To register a machine with the Tarsnap server,
    On most systems (Linux, macOS, etc.)
    sudo tarsnap-keygen \
        --keyfile /root/tarsnap.key \
        --user me@example.com \
        --machine mybox
    Other systems (without sudo)
    tarsnap-keygen \
        --keyfile /root/tarsnap.key \
        --user me@example.com \
        --machine mybox
    with appropriate values substituted:
    • /root/tarsnap.key: file in which to store the keys used to create and access archives.
    • me@example.com: the email address you used to sign up with Tarsnap.
    • mybox: a name which is displayed in accounting reports so that you know how much data each machine is storing.
    Problem? sudo: tarsnap-keygen: command not found
    As a security measure, some distributions' /etc/sudoers contains something like:
    Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
    This means that a command in /usr/local/bin will not be found by sudo, even if this directory is in $PATH for both your user account and root! Instead, run:
    sudo $(which tarsnap-keygen) --keyfile...
  • Enter your Tarsnap account password when prompted.

6. Keep your key file safe

  • Store your /root/tarsnap.key somewhere safe.
    If you lose tarsnap.key, you will not be able to access your archived data.
  • There are many ways to keep it safe:
    • Copy it to a different system.
    • Put it on a USB disk.
    • Give it to a friend.
    • Print it out (it is printable text).
    • Store it in a bank vault.
    Pick at least one and do it!

Using Tarsnap

Once you've created your key file(s), you're ready to start using Tarsnap.

The easiest way to get started is with our simple usage instructions.

An alternative method would be to use one of the third-party helper scripts to automate backups.