create

8BitSafe-cli [common options] repo create [options] [REPOSITORY]

positional arguments	description
REPOSITORY	repository to create

optional arguments	description	default	allowed
--e, --encryption <algo>	Data encryption algo	aes256-gcm	aes256-gcm, chacha20-poly1305
--idhash <algo>	Keyed blockID hash algo	blake2b-256	sha512-256, blake2b-256
--pkdf <algo>	PBKDF algo	argon2	pbkdf2, argon2
--pkdf-time <ms>	Tune the PBKDF to run for approximately N milliseconds	192	≥ 96 (integer)

Flat store only:

optional arguments	description	default	allowed
--store-max-file-size <sizeString>	FlatStore max file size	256MiB	sizeString

Remote store only:

optional arguments	description	default	allowed
--r-key-mode <mode>	Remote key mode	user	user, vault, vault-user
--r-new-device	Force generate new remote deviceID	-	-
--r-device-name <string>	Custom device name	computer/host name

Description

This command initializes an empty repository.
A repository is a filesystem directory containing the backup data for zero or more archives.

Encryption

AES-GCM is used by default, see here for performance details on the supported algorithms.

BlockID Hash

Blake2b-256 is used by default, see here for performance details on the supported algorithms.

Passphrase

info

Minimum length is 12 characters, maximum 256

Make sure you use a good passphrase. Not too short, not too simple.

Bad passphrases

lostStone2
cat-meows-twice
j$%2ZLsg (complex but short)

Good passphrases

geiger-unsure-epilogue-payee-seizing-probe-ventricle-coffee-clothing-audacious
S9xQFEsn4Ym6wiRCydpDBjz4KbcxdjkQ4QN4LMs2

High ascii characters are not allowed to prevent issues based on passphrase input translation on different systems. Internally the passphrase is treated as utf-8.

Prefer a long passphrase over a short complex passphrase as typically the longer passphrase is much harder to brute force.

You can change the passphrase at a later date see change-passphrase.

PBKDF

You can select either pbkdf2 or argon2(Argon2id) for the passphrase key derivation function.

These are used to derive an encryption key used to encrypt/decrypt the repo file see here for more details.

PBKDF time

The client will automatically tune the PBKDF to take approximately this amount of time to complete on your hardware. See here for more details.

Store max file size

Data files are split based on this size.

We suggest you don't make this value lower than he default and no bigger than 1GB unless you understand the implications.

This option takes a human size.

Examples

info

Windows

Create a repo in D:\storage\backups\repo (the folder will be created if missing)

8BitSafe-cli.exe repo create D:\storage\backups\repo

Loading new repo passphrase from BS_PASSPHRASE

set BS_PASSPHRASE=xxxxxxxxxxxx
8BitSafe-cli.exe repo create D:\storage\backups\repo

With options

8BitSafe-cli.exe repo create --idhash sha512-256 --pkdf pbkdf2 --pkdf-time 256 D:\storage\backups\repo

Using only FIPS-140 algorithms

8BitSafe-cli.exe repo create --idhash sha512-256 -e aes256-gcm --pkdf pbkdf2 D:\storage\backups\repo

Unix

Create a repo in /mnt/backups/repo (the folder will be created if missing)

8BitSafe-cli repo create /mnt/backups/repo

Loading new repo passphrase from BS_PASSPHRASE

export BS_PASSPHRASE=xxxxxxxxxxxx
8BitSafe-cli repo create /mnt/backups/repo

With options

8BitSafe-cli repo create --idhash sha512-256 --pkdf pbkdf2 --pkdf-time 256 /mnt/backups/repo

Using only FIPS-140 algorithms

8BitSafe-cli repo create --idhash sha512-256 -e aes256-gcm --pkdf pbkdf2 /mnt/backups/repo

Remote Storage

Create a remote repo BS_API_TOKEN must be set.

set BS_API_TOKEN=xxxxxx
8BitSafe-cli repo create remote

Loading new repo passphrase from BS_PASSPHRASE

set BS_PASSPHRASE=xxxxxxxxxxxx
set BS_API_TOKEN=xxxxxx
8BitSafe-cli repo create remote

With options

set BS_API_TOKEN=xxxxxx
8BitSafe-cli repo create --idhash sha512-256 --r-key-mode vault remote

Using only FIPS-140 algorithms

set BS_API_TOKEN=xxxxxx
8BitSafe-cli repo create --idhash sha512-256 -e aes256-gcm --pkdf pbkdf2 remote