The xbcrypt binary

To support encryption and decryption of the backups, a new tool xbcrypt was introduced to Percona XtraBackup.

Percona XtraBackup 2.4.25 implements the XBCRYPT_ENCRYPTION_KEY environment variable. The variable is only used in place of the --encrypt_key=name option. You can use the environment variable or command line option. If you use both, the command line option takes precedence over the value specified in the environment variable.

This utility has been modeled after The xbstream binary to perform encryption and decryption outside of Percona XtraBackup. xbcrypt has following command line options:

-d, –decrypt

Decrypt data input to output.

-i, –input=name

Optional input file. If not specified, input will be read from standard input.

-o, –output=name

Optional output file. If not specified, output will be written to standard output.

-a, –encrypt-algo=name

Encryption algorithm.

-k, –encrypt-key=name

Encryption key.

-f, –encrypt-key-file=name

File which contains encryption key.

-s, –encrypt-chunk-size=

Size of working buffer for encryption in bytes. The default value is 64K.

–encrypt-threads=

This option specifies the number of worker threads that will be used for parallel encryption/decryption.

-v, –verbose

Display verbose status output.

Contact us

For free technical help, visit the Percona Community Forum.

To report bugs or submit feature requests, open a JIRA ticket.

For paid support and managed or consulting services , contact Percona Sales.

---

Last update: 2022-07-19