Jump to content

Restore Passwordstate


Alexey

Recommended Posts

Hi guys,

 

Thanks for such an awesome product. I'm impressed with how many small but very useful features you've got in PS!

 

Right now I'm finished with deploying and configuring our Passwordstate instance for production use. But before letting people start putting the information into it, I've realized that in case of disaster I don't have a clear picture on how to restore PS.

I've gone through "Passwordstate Security Administrators Manual", your YouTube channel and this forum, but could not find any reference to a restore procedure.

 

I've configured backups in PS and have 2 files (zip for PS and bak for DB) created every N hours as per PS config, however I remember a notice from the manual saying:

"In order to restore your Passwordstate environment after a disaster, the minimum you need is a copy of the web.config file, and a copy of the database" 

which made me confused.

 

Question: Do I need to manually make sure that I have encryption keys and web.config file stored elsewhere (have backups of them) or the automatic backup procedure does that for me?

 

Would be very useful if you could make a short tutorial (text/video whatever is easier for you) on the restore procedure.

 

P.S. If I missed and this topic has already been covered, please point me there.

 

Regards,

Alexey.

Link to comment
Share on other sites

10 minutes ago, Alexey said:

Question: Do I need to manually make sure that I have encryption keys and web.config file stored elsewhere (have backups of them) or the automatic backup procedure does that for me?

 

Technically no, web.config and the database contain half of the encryption keys - put the halves together and you can decrypt the content of the database.

The ZIP contains everything in /inetpub/passwordstate

The Bak, as you pointed out, is the database. So with these two things you have everything you need.

 

We rotate then export our encryption keys every third upgrade and send them off site in a vault to be stored - but this isn't required.
We also ship our passwordstate generated backups to a different physical server at a different site, as well as sending to tapes which get stored at an offsite vault.

At anyone one time we have some 365 copies we can restore from (on tapes, one for each day), and then 30 copies on the passwordstate server we can restore from, as well as those same ones on the second physical server in the second site.

Link to comment
Share on other sites

Hi Sarge,

 

Thanks a lot for your reply.

Indeed, now it makes clear to me about two halves!

 

Your backup procedure is very interesting, thanks for sharing.

Have you ever got a need to rollback/recover to a backup? Did it go well?

Link to comment
Share on other sites

17 minutes ago, support said:

Under the Help Menu, in User Manual, we have various Disaster Recovery processes covered under the KB Article section - this might help as well.

 

Oh, that's cool! That's what I needed.

 

Just wondering, why did you put disaster recovery under the "User Manual" and not in "Security Administrators Manual"?

For me, it's not really obvious to try checking the user manual, since I believe that recovery is to be done by an admin and not a user. Anyway, that's my logic only.

 

However, maybe it's worth mentioning that recovery steps might be found in User manual? :)

 

Thanks!

Link to comment
Share on other sites

Hi Alexey,

 

No specific reason - I guess because we had a KB Article section in there, and the Security Admin manual maps to each of the menu in the Admin area. Maybe we should put in both, and probably under the Backups and Upgrades section in the Security Admins manual.

Regards

Click Studios

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...