Borg Backup

BorgBackup (short: Borg) is a deduplicating backup program. Optionally, it supports compression and authenticated encryption.

The main goal of Borg is to provide an efficient and secure way to backup data. The data deduplication technique used makes Borg suitable for daily backups since only changes are stored. The authenticated encryption technique makes it suitable for backups to not fully trusted targets.

to get started with Borg. There is also an offline documentation available, in multiple formats.

Main features

Space efficient storage

Deduplication based on content-defined chunking is used to reduce the number of bytes stored: each file is split into a number of variable length chunks and only chunks that have never been seen before are added to the repository.

A chunk is considered duplicate if its id_hash value is identical. A cryptographically strong hash or MAC function is used as id_hash, e.g. (hmac-)sha256.

To deduplicate, all the chunks in the same repository are considered, no matter whether they come from different machines, from previous backups, from the same backup or even from the same single file.

Compared to other deduplication approaches, this method does NOT depend on:

• File/directory names staying the same: So you can move your stuff around without killing the deduplication, even between machines sharing a repo ;
• Complete files or time stamps staying the same: If a big file changes a little, only a few new chunks need to be stored – this is great for VMs or raw disks ;
• The absolute position of a data chunk inside a file: Stuff may get shifted and will still be found by the deduplication algorithm ;
• Speed ;
• Performance-critical code (chunking, compression, encryption) is implemented in C/Cython ;
• Local caching of files/chunks index data ;
• Quick detection of unmodified files ;
• Data encryption ;
• All data can be protected client-side using 256-bit authenticated encryption (AES-OCB or chacha20-poly1305), ensuring data confidentiality, integrity and authenticity ;
• Obfuscation ;
• Optionally, borg can actively obfuscate e.g. the size of files / chunks to make fingerprinting attacks more difficult ;
• Compression.

All data can be optionally compressed:

• lz4 (super fast, low compression) ;
• zstd (wide range from high speed and low compression to high compression and lower speed) ;
• zlib (medium speed and compression) ;
• lzma (low speed, high compression) ;
• Off-site backups ;
• Borg can store data on any remote host accessible over SSH. If Borg is installed on the remote host, big performance gains can be achieved compared to using a network filesystem (sshfs, nfs, …) ;
• Backups mountable as filesystems ;
• Backup archives are mountable as userspace filesystems for easy interactive backup examination and restores (e.g. by using a regular file manager).