Most free cloud storage is limited to 5GB or less. Even Google Drive is limited to 15GB. While not heavily advertised, IBM offers free accounts with a whopping 25GB of cloud storage for free. This is not a limited time offer, and you don’t have to provide a credit card. It’s absolutely free! Better yet, since it’s S3 compatible, most of the S3 tools available for backups should work fine.
This article will show you how to use restic for encrypted backups onto this free storage. Please also refer to this previous Magazine article about installing and configuring restic. Let’s get started!
Creating your free IBM account and storage
Head over to the IBM cloud services site and follow the steps to sign up for a free account here: https://cloud.ibm.com/registration. You’ll need to verify your account from the email confirmation that IBM sends to you.
Then log in to your account to bring up your dashboard, at https://cloud.ibm.com/.
Click on the Create resource button.
Click on Storage and then Object Storage.
Next click on the Create Bucket button.
This brings up the Configure your resource section.
Next, click on the Create button to use the default settings.
Under Predefined buckets click on the Standard box:
A unique bucket name is automatically created, but it’s suggested that you change this.
In this example, the bucket name is changed to freecloudstorage.
Click on the Next button after choosing a bucket name:
Continue to click on the Next button until you get the the Summary page:
Scroll down to the Endpoints section.
The information in the Public section is the location of your bucket. This is what you need to specify in restic when you create your backups. In this example, the location is s3.us-south.cloud-object-storage.appdomain.cloud.
Making your credentials
The last thing that you need to do is create an access ID and secret key. To start, click on Service credentials.
Click on the New credential button.
Choose a name for your credential, make sure you check the Include HMAC Credential box and then click on the Add button. In this example I’m using the name resticbackup.
Click on View credentials.
The access_key_id and secret_access_key is what you are looking for. (For obvious reasons, the author’s details here are obscured.)
You will need to export these by calling them with the export alias in the shell, or putting them into a backup script.
Preparing a new repository
Restic refers to your backup as a repository, and can make backups to any bucket on your IBM cloud account. First, setup the following environment variables using your access_key_id and secret_access_key that you retrieved from your IBM cloud bucket. These can also be set in any backup script you may create.
$ export AWS_ACCESS_KEY_ID=<MY_ACCESS_KEY> $ export AWS_SECRET_ACCESS_KEY=<MY_SECRET_ACCESS_KEY>
Even though you are using IBM Cloud and not AWS, as previously mentioned, IBM Cloud storage is S3 compatible, and restic uses its interal AWS commands for any S3 compatible storage. So these AWS keys really refer to the keys from your IBM bucket.
Create the repository by initializing it. A prompt appears for you to type a password for the repository. Do not lose this password because your data is irrecoverable without it!
restic -r s3:http://PUBLIC_ENDPOINT_LOCATION/BUCKET init
The PUBLIC_ENDPOINT_LOCATION was specified in the Endpoint section of your Bucket summary.
For example:
$ restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage init
Creating backups
Now it’s time to backup some data. Backups are called snapshots. Run the following command and enter the repository password when prompted.
restic -r s3:http://PUBLIC_ENDPOINT_LOCATION/BUCKET backup files_to_backup
For example:
$ restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage backup Documents/ Enter password for repository: repository 106a2eb4 opened successfully, password is correct Files: 51 new, 0 changed, 0 unmodified Dirs: 0 new, 0 changed, 0 unmodified Added to the repo: 11.451 MiB processed 51 files, 11.451 MiB in 0:06 snapshot 611e9577 saved
Restoring from backups
Now that you’ve backed up some files, it’s time to make sure you know how to restore them. To get a list of all of your backup snapshots, use this command:
restic -r s3:http://PUBLIC_ENDPOINT_LOCATION/BUCKET snapshots
For example:
$ restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage snapshots Enter password for repository: ID Date Host Tags Directory ------------------------------------------------------------------- 106a2eb4 2020-01-15 15:20:42 client /home/curt/Documents
To restore an entire snapshot, run a command like this:
restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage restore snapshotID --target restoreDirectory
For example:
$ restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage restore 106a2eb4 --target ~ Enter password for repository: repository 106a2eb4 opened successfully, password is correct restoring <Snapshot 106a2eb4 of [/home/curt/Documents]
If the directory still exists on your system, be sure to specify a different location for the restoreDirectory. For example:
restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage restore 106a2eb4 --target /tmp
To restore an individual file, run a command like this:
restic -r s3:http://PUBLIC_ENDPOINT_LOCATION/BUCKET restore snapshotID --target restoreDirectory --include filename
For example:
$ restic -r s3:http://s3.us-south.cloud-object-storage.appdomain.cloud/freecloudstorage restore 106a2eb4 --target /tmp --include file1.txt Enter password for repository: restoring <Snapshot 106a2eb4 of [/home/curt/Documents] at 2020-01-16 15:20:42.833131988 -0400 EDT by curt@client> to /tmp
Photo by Alex Machado on Unsplash.
[EDITORS NOTE: The Fedora Project is sponsored by Red Hat, which is owned by IBM.]
[EDITORS NOTE: Updated at 1647 UTC on 24 February 2020 to correct a broken link.]
Lukas Piekarski
I didn’t know that IBM offers free cloud storage. Now, I’m using Amazon S3 Glacier storage. After 48 hours, the data is transferred to Glacier Deep Archive (it’s cheaper). I still have a free tier so my monthly bills don’t exceed $0.5 with over 30GB of data.
I love CLI but it is possible to set Amazon S3 backups in DejaDup by changing values in gsettings. I wonder if you can do the same with IBM s3 storage.
Curt Warfield
Hi,
Since it’s S3 compatible it should work but you’d have to try it to be sure.
Rob
If you can live without the aws thingy and settle for some fuse-based alternative you can have way more storage and more (git,pgp identiy management, cryptowallet, even free money at times..
Boy must their maketing suck if ppl pay for 10G like this.
They run on AWS I think.
Matt
Welp. Tried few times.
“Failure during registration
Try again in a few minutes. If you continue having problems, contact us at this link: https://watson.service-now.com/wcp“
Oswald
Exactly the same problem here. It fails every time.
Boricua
Nice job, thanks for the info. My only question would be if there is a graphic client I could use, apart from restic.
Elias
Can’t register, with protonmail mail account.
Registration pass with : gmail, outlook (hotmail) and yahoo .
Elias
After several retries, only with gmail account I made the registration
Patrice
Wow! Very cool! I’m gonna try that right away.
You may want to correct he first link, to the previous article about restic; it is broken because the address was pasted twice.
Paul W. Frields
Looks like it’s been fixed now, sorry for the bother.
Roger
I like the idea of using IBM rather than Amazon. Plus, more storage.
P. Graham
Nice article. The link to the previous “restic” article is broken (it is two copies of the URL concatenated together: https://fedoramagazine.org/use-restic-encrypted-backups/https://fedoramagazine.org/use-restic-encrypted-backups/).
Ben
Thanks for this!
Minor comment, the link to the previous article on restic seems broken, did you mean:
https://fedoramagazine.org/automate-backups-with-restic-and-systemd/?
Chris
Could someone guide me configuring it with rclone? I tried following this guide (https://cloud.ibm.com/docs/services/cloud-object-storage?topic=cloud-object-storage-rclone) or this one (https://rclone.org/s3/#ibm-cos-s3) but with no success 🙁
Cecille
If some incident (accident, death in the family) causes you to be offline from this service for 30 days – you will lose all you uploaded.
I have not read IBM terms and conditions but almost always you will find zero commitment – meaning loss of access to your data at any time without warning or compensation.
I have no connection with Pcloud but in both of the above respects they pass; but the free tier is 6GB only.
sheldon
… and in which way is it encrypted?
The docs do not tell you, what kind of encryption is implemented and from the 32bit keyids on the key management page, i would guess, an old one.
Solution:
mount storage via fuse
create luks container in mountpoint,
have working encryption and any backup tool you like.
Curt Warfield
From their site: (https://restic.net/)
Restic uses cryptography to guarantee confidentiality and integrity of your data. The location where the backup data is stored is assumed to be an untrusted environment (e.g. a shared space where others like system administrators are able to access your backups). Restic is built to secure your data against such attackers, by encrypting it with AES-256 in counter mode and authenticating it using Poly1305-AES.
Paolo
Hi, i’m very interested in your solution. Could you write a quick guide about it?
Stuart D Gathman
fuse is a general kernel API for filesystems in user space, used for everything from ntfs-ng to mp3fs. What specific filesystem/block device are you recommending?
Pat
Still getting “Failed during registration”. Tried with different browsers and with extensions turned off.
Zyarc Xavier
To my knowledge Mega.nz gives you 50Gbs storage upon signup, and it is an encrypted account to which one can upload any type of file/backup. Just my thoughts 🙂
Curt Warfield
Zyarc,
You only get the 50Gb storage during the initial signup, they drop you down to 15GB very quickly after you signup. It also doesn’t work that well with opensource backup solutions such as restic, rclone, etc.
Aiden Vrenna
My Mega account is 3-4 years old, and I still have 50GB at no cost.
Curt Warfield
Aiden,
They have changed their terms. You now only get 15GB after the “trial”. I signed up for an account to verify.
Bevy
Signing up with a gmail address worked the first time.
Tried many times before that with an outlook address and it failed every time.
Thomas
Same here. gmx.de did not work, but gmail does. Strange.
Yazan Al Monshed
that like a new platform!. give me many errors when I was signup to the website!.
Rob
keybase.io gives 250G or something, even free crypto currency at times..
Yet Another Rob
+1 for Keybase (newer?) & Mega (older & tainted?).
I think you can run a 30 GB VM on Google for free.
You have to do your own hardening and monitoring, but I think it’s 1,000X better than what IBM is offering.
Why is this article even here?
LULZ.
Stuart D Gathman
Compared to Google and Amazon, IBM is a “small” company today. Fight monopoly.
Glen
Remember, IBM owns Redhat now. and Redhat is the steward of Fedora.
Rtm
It wants my billing information right after login, and when I cancel dialog it logs me out 🙂 Buy IBM and, please, don’t be so nosy right away…
Curt Warfield
Hi,
I just signed up for another account to verify and they do NOT ask for billing information. The 25GB of free storage is still valid and you do NOT need a credit card. And I signed up with a Yahoo account so it doesn’t require a Gmail account.
Peeter
I think stage about credit card should be described, as article is just a timewaste 🙁 Didn’t go with IBM.
Curt Warfield
Hi Peeter,
I just signed up for another account to verify and they do NOT ask for billing information. The 25GB of free storage is still valid and you do NOT need a credit card. And I signed up with a Yahoo account so it doesn’t require a Gmail account.