Tarsnap - Online backups for the truly paranoid

Navigation menu

Deb packages

This package format is suitable for:

To use this package format:

  1. Initial setup: tell apt-get to trust signed packages from Tarsnap Backup Inc.
  2. Choose one:
    • Binary package: download and install a pre-compiled binary package.
    • Source package: download and compile the source package, then install it.

Initial setup

  1. Get the latest Tarsnap deb packaging key and check that it is recent:
    wget https://pkg.tarsnap.com/tarsnap-deb-packaging-key.asc
    gpg --show-key tarsnap-deb-packaging-key.asc
    pub   rsa4096 2023-10-01 [SC] [expires: 2025-02-01]
          D208F2B72561B8BB5A692B2461CC029C9466168E
    uid                      Tarsnap .deb packages signing key (Tarsnap Backup Inc.) <pkg-deb@tarsnap.com>
    If the key is not recent, then you might have an old version of tarsnap-deb-packaging-key.asc; wget does not overwrite an old file. In that case, please delete the old file and try this step again.
    Problem? The certificate of ‘pkg.tarsnap.com’ is not trusted
    If you receive the message:
    ERROR: The certificate of ‘pkg.tarsnap.com’ is not trusted.
    ERROR: The certificate of ‘pkg.tarsnap.com’ hasn't got a known issuer.
    Then you likely need to install the ca-certificates package.
  2. Once you are satisfied that the key is correct, prepare it for use by converting it to gpg's binary format and renaming it:
    gpg --dearmor tarsnap-deb-packaging-key.asc
    mv tarsnap-deb-packaging-key.asc.gpg tarsnap-archive-keyring.gpg
  3. Add the key and our repository to your system. Check your version of apt-get with:
    apt-get --version
    Based on the version number, use:
    • apt-get 1.1 or higher (2016 onwards): Debian 9 stretch, Ubuntu 16.04 xenial, etc.
      sudo cp tarsnap-archive-keyring.gpg /usr/share/keyrings/
      echo "deb [signed-by=/usr/share/keyrings/tarsnap-archive-keyring.gpg] http://pkg.tarsnap.com/deb/$(lsb_release -s -c) ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
    or:
    • apt-get 1.0 or lower (2015 or earlier): Debian 8 jessie, Ubuntu 14.04 trusty, Ubuntu 15.10 wily, etc.
      sudo cp tarsnap-archive-keyring.gpg /etc/apt/trusted.gpg.d/
      echo "deb http://pkg.tarsnap.com/deb/$(lsb_release -s -c) ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
    Problem? lsb_release: command not found
    If you receive the message
    lsb_release: command not found
    then you may either:
    1. Install the lsb-release package, delete the incomplete line from /etc/apt/sources.d/tarsnap.list and re-run the command.
    2. Manually enter a directory name for your distribution.
    Problem? The repository doesn't seem to exist

    Assuming that this is not a temporary network problem, you may be running a distribution release that is not included in our list. Our directory structure supplies the following releases:

    Distribution Directory Package compiled on
    Debian 7 wheezy wheezy
    Debian 8 jessie wheezy
    Debian 9 stretch stretch
    Debian 10 buster stretch
    Debian 11 bullseye stretch
    Debian 12 bookworm jammy
    Debian 13 trixie jammy
    Debian 14 forky jammy
    Debian unstable sid jammy
    ElementaryOS 0.3 freya wheezy
    ElementaryOS 0.4 loki wheezy
    ElementaryOS 5.0 juno stretch
    ElementaryOS 5.1 hera stretch
    ElementaryOS 6 odin stretch
    ElementaryOS 6.1 jolnir stretch
    ElementaryOS 7.0 horus jammy
    Mint 13 maya wheezy
    Mint 17 qiana wheezy
    Mint 17.1 rebecca wheezy
    Mint 17.2 rafaela wheezy
    Mint 17.3 rosa wheezy
    Mint 18 sarah wheezy
    Mint 18.1 serena wheezy
    Mint 18.2 sonya wheezy
    Mint 18.3 sylvia wheezy
    Mint 19.0 tara stretch
    Mint 19.1 tessa stretch
    Mint 19.2 tina stretch
    Mint 19.3 tricia stretch
    Mint 20 ulyana stretch
    Mint 20.1 ulyssa stretch
    Mint 20.2 uma stretch
    Mint 20.3 una stretch
    Mint 21 vanessa jammy
    Mint 21.1 vera jammy
    Mint 21.2 victoria jammy
    Mint 21.3 virginia jammy
    Mint 22 wilma jammy
    Mint Debian 6 faye jammy
    Ubuntu 12.04 precise precise
    Ubuntu 14.04 trusty wheezy
    Ubuntu 16.04 xenial wheezy
    Ubuntu 16.10 yakkety wheezy
    Ubuntu 17.04 zesty wheezy
    Ubuntu 17.10 artful wheezy
    Ubuntu 18.04 bionic stretch
    Ubuntu 18.10 cosmic stretch
    Ubuntu 19.04 disco stretch
    Ubuntu 19.10 eoan stretch
    Ubuntu 20.04 focal stretch
    Ubuntu 20.10 groovy stretch
    Ubuntu 21.04 hirsute stretch
    Ubuntu 21.10 impish stretch
    Ubuntu 22.04 jammy jammy
    Ubuntu 22.10 kinetic jammy
    Ubuntu 23.04 lunar jammy
    Ubuntu 23.10 mantic jammy
    Ubuntu 24.04 noble jammy
    Ubuntu 24.10 oracular jammy
    If you are running a different Debian-based distribution, try using:
    deb http://pkg.tarsnap.com/deb/stretch ./
    and if that fails, try:
    deb http://pkg.tarsnap.com/deb/wheezy ./
    or
    deb http://pkg.tarsnap.com/deb/jammy ./
    If none of those options work, please contact us at pkg-deb@tarsnap.com.
  4. Update your package database:
    sudo apt-get update

Tarsnap binary package

We currently provide binaries for i386 and amd64. If you are using another architecture (such as ARM or MIPS), then please follow the Tarsnap source package instructions.

One exception to the above: Ubuntu 22.04 and up no longer supports the i386 architecture, so we do not have i386 binary packages for Ubuntu 22.04 jammy and later versions. If you are running Ubuntu 22.04 on i386 (somehow?), then the source package instructions should still work.
  1. If you have not done so already, complete the Initial setup.
  2. Install the binary package:
    sudo apt-get install tarsnap
  3. (optional) The tarsnap binary package looks for a config file called /etc/tarsnap.conf, whereas the client built from the source tarball looks in /usr/local/etc/tarsnap.conf. If you have an existing Tarsnap config file, you may wish to:
    sudo mv /usr/local/etc/tarsnap.conf /etc/

Tarsnap source package

Most users will not need to use the source package; it is provided for:
  • Systems with a CPU architecture other than i386 or amd64.
  • "Truly paranoid" users who want to check exactly what is being compiled.

Tarsnap source package setup

  1. If you have not done so already, complete the Initial setup.
  2. Make sure that the package signing key is installed:
    sudo apt-get install tarsnap-archive-keyring
  3. Add the source repository. Check your version of apt-get with:
    apt-get --version
    Based on the version number, use:
    • apt-get 1.1 or higher (2016 onwards): Debian 9 stretch, Ubuntu 16.04 xenial, etc.
      echo "deb-src [signed-by=/usr/share/keyrings/tarsnap-archive-keyring.gpg] http://pkg.tarsnap.com/deb-src ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
    or:
    • apt-get 1.0 or lower (2015 or earlier): Debian 8 jessie, Ubuntu 14.04 trusty, Ubuntu 15.10 wily, etc.
      echo "deb-src http://pkg.tarsnap.com/deb-src ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
  4. Update your package database:
    sudo apt-get update
  5. Import the public key to the appropriate keyring so that the source package will be accepted by your non-root user:
    gpg --no-default-keyring --keyring trustedkeys.gpg \
        --import /usr/share/keyrings/tarsnap-archive-keyring.gpg

Tarsnap source package building

  1. Download the source, build it, and install:
    sudo apt-get build-dep tarsnap
    apt-get source -b tarsnap
    sudo dpkg -i tarsnap_*.deb
  2. (optional) If you would like to verify the signatures manually, you probably want to install the signature to your regular gpg keyring (in addition to the gpgv keyring that was configured in step 5).
    gpg --import /usr/share/keyrings/tarsnap-archive-keyring.gpg
    gpg --import /usr/share/keyrings/tarsnap-code-signing-keyring.gpg

Experimental packages

We have a repository for experimental packages. Most of the time, these packages are the same version as the official ones (although signed with our experimental key).

Currently testing

Not testing any packages.

Initial setup of the experimental repository

  1. Ensure that you have a copy of the archive key; the method depends on whether you have already installed the tarsnap-archive-keyring package or not.
    1. If you already installed the package, the key is on your system. Make an extra copy of the key:
      cp /usr/share/keyrings/tarsnap-experimental-keyring.gpg .
      and skip to step 2.
    or:
    1. If you haven't installed the package, please download the key:
      wget https://pkg.tarsnap.com/experimental/tarsnap-EXPERIMENTAL-deb-packaging-key.asc
      Then convert it to gpg's binary format and rename it:
      gpg --dearmor tarsnap-EXPERIMENTAL-deb-packaging-key.asc
      mv tarsnap-EXPERIMENTAL-deb-packaging-key.asc.gpg tarsnap-experimental-keyring.gpg
  2. Add the key and our repository to your system. Check your version of apt-get with:
    apt-get --version
    Based on the version number, use:
    1. apt-get 1.1 or higher (2016 onwards): Debian 9 stretch, Ubuntu 16.04 xenial, etc.
      sudo cp tarsnap-experimental-keyring.gpg /usr/share/keyrings/
      echo "deb [signed-by=/usr/share/keyrings/tarsnap-experimental-keyring.gpg] http://pkg.tarsnap.com/experimental/deb/$(lsb_release -s -c) ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
    or:
    1. apt-get 1.0 or lower (2015 or earlier): Debian 8 jessie, Ubuntu 14.04 trusty, Ubuntu 15.10 wily, etc.
      sudo cp tarsnap-experimental-keyring.gpg /etc/apt/trusted.gpg.d/
      echo "deb http://pkg.tarsnap.com/experimental/deb/$(lsb_release -s -c) ./" | sudo tee -a /etc/apt/sources.list.d/tarsnap.list
  3. Update:
    sudo apt-get update

Installing the experimental packages

  1. Once you have completed the initial setup, run:
    sudo apt-get install tarsnap
    (If you already have tarsnap installed, it will be upgraded to the latest experimental version.)

Known issues and contact

There are no known problems with these packages.

Other problems? Please email pkg-deb@tarsnap.com.