Tarsnap - Online backups for the truly paranoid Navigation menu Online backups for the truly paranoid Tarsnap is a secure, efficient online backup service: Encryption: your data can only be accessed with your personal keys. We can’t access your data even if we wanted to! Source code: the client code is available. You don’t need to trust us; you can check the encryption yourself! Deduplication: only the unique data between your current files and encrypted archives is uploaded. This reduces the bandwidth and storage required, saving you money! Tarsnap runs on UNIX-like operating systems (BSD, Linux, macOS, Cygwin, etc). Start using Tarsnap now! Tarsnap pricing Tarsnap uses a prepaid model based on actual usage: Storage: 250 picodollars / byte-month of encoded data ($0.25 / GB-month) Bandwidth: 250 picodollars / byte of encoded data ($0.25 / GB) "Encoded data" are the actual bytes stored or transmitted after data deduplication, compression, and encryption. There are no other fees — Tarsnap has no fixed costs or minimum monthly fees. You pay for what you use, nothing more. Why use Tarsnap? Consider a typical backup scenario: Alice begins a backup, which takes a complete snapshot of her files. She does not need to decide whether to do a "full backup" or "incremental backup". [Why?] Tarsnap automatically finds the unique data within her files. Only this data is uploaded and stored. [How?] Alice pays less than $5/month. Even though she has thousands of daily backups, adding up to several terabytes of non-unique data. [Why?] Alice’s data is secure. Even if an attacker (Mallory) breaks into Tarsnap’s storage, he lacks her private keys and thus cannot read or modify her data. [Why?] Latest Tarsnap release Tarsnap 1.0.41 (March 21, 2025) Changes in this version compared to 1.0.40: tarsnap now has mitigations to defend against information leakage via chunking: Chunks are padded using the PADME scheme, and small-alphabet cycles are prohibited in chunking to block a chosen-plaintext attack. For more details on the attack, see the author’s blog post and the paper Chunking Attacks on File Backup Services using Content-Defined Chunking which is available on the Cryptology ePrint Archive. tarsnap -c now accepts --dry-run-metadata, which simulates creating an archive without reading any file data. This is significantly faster than a regular --dry-run, and is suitable for checking which filesystem entries will be archived (with -v) or checking the total archive size (with --totals or --progress-bytes). tarsnap now accepts --noatime with -c mode, which requests that the operating system does not update atime when reading files or directories. Not supported by all operating systems or filesystems. If the server-side state was modified and tarsnap exits with an error, it will now have an exit code of 2. tarsnap will read a config file in $XDG_CONFIG_HOME/tarsnap/tarsnap.conf; or ~/.config/tarsnap/tarsnap.conf if $XDG_CONFIG_HOME is not set. The previous config file ~/.tarsnaprc is still supported, and will not be deprecated. tarsnap now accepts --null-input as a synonym for --null. For compatibility reasons, --null is still supported, and will not be deprecated. tarsnap now accepts --null-output, which causes --list-archives to separate each archive name with a null character (like `find -print0`). If one or more -v arguments are specified, multiple null characters are used to separate fields; see the man page for details. tarsnap now accepts --null-output with -x and -t, which causes them to separate each filename with a null character. If there are multiple fields on a line, null characters are used instead of spaces; see the man page for details. tarsnap now accepts --null-output with --print-stats, which causes it to separate fields and lines with null character(s); see the man page for details. tarsnap now accepts --hashes, which causes --list-archives to print hashes of archive names. If one or more -v arguments are specified, it will print other metadata (as per --list-archives). This option is intended for the GUI and is not needed for command-line usage. tarsnap now accepts -f TAPEHASH with --list-archives --hashes, which prints metadata about the specified archive(s). Multiple -f options may be specified. This option is intended for the GUI and is not needed for command-line usage. Fixed a problem with strict aliasing if somebody compiled with gcc11 or higher using -O3, does not have SSE2, and is using a passphrase-protected keyfile. As usual, there are also lots of minor build fixes, harmless bug fixes, and code cleanups. You can see all of the changes between 1.0.40 and this version in our tarsnap git repository. Download Tarsnap now! Tarsnap News About Testimonials Legal Infrastructure Bug Bounty Design Download Documentation Technical details Open Source Support Accounts