Open Source Backup Software
In This Guide
Why Open Source Backup Software Matters
Data loss costs businesses an average of $4,500 per minute of downtime, according to industry research. For individuals, losing years of photos, documents, and creative work can be equally devastating. Backup software is not optional, it is infrastructure. The question is whether you trust a closed-source vendor to protect your most critical asset or whether you want to verify, modify, and control that protection yourself.
Open source backup tools address several fundamental problems with proprietary alternatives. First, transparency: you can audit the encryption implementation, verify that your data is actually being protected the way the vendor claims, and confirm that no telemetry or data harvesting is happening behind the scenes. Second, longevity: if a commercial backup vendor goes bankrupt or discontinues a product, your backup archives may become inaccessible. Open source tools cannot disappear because the code is freely available and community maintained. Third, cost: enterprise backup licenses from vendors like Veeam, Commvault, or Acronis can run into thousands of dollars per server per year. Open source tools deliver comparable functionality at zero licensing cost.
The open source backup ecosystem has matured significantly in recent years. Projects like Restic and Kopia have brought modern design principles to a category that was long dominated by complex, aging tools. Today, you can set up encrypted, deduplicated, cloud-backed backups with a single command line tool, something that would have required expensive commercial software just a decade ago.
There is also a philosophical argument worth considering. Your backup software has access to every file on your system. It runs with elevated privileges. It communicates with remote servers. In a world of increasing supply chain attacks and privacy concerns, being able to read the source code of the software that handles your most sensitive data is not a luxury, it is a reasonable security practice.
How Modern Backup Software Works
Modern open source backup tools share a common architectural approach that differs substantially from the simple file-copying utilities of the past. Understanding these core concepts helps you evaluate tools and design effective backup strategies.
Deduplication is the single most important feature in modern backup software. Instead of storing complete copies of your data each time a backup runs, deduplication breaks files into chunks (typically 1-8 MB) and stores each unique chunk only once. If you have a 10 GB database that changes by 50 MB per day, a traditional backup would store 10 GB for each backup. A deduplicated backup stores 10 GB for the first backup and roughly 50 MB for each subsequent one. Over a month of daily backups, that is the difference between 300 GB and 11.5 GB of storage. BorgBackup, Restic, and Kopia all use content-defined chunking algorithms that maintain high deduplication ratios even when files are modified or renamed.
Encryption ensures that your backup data is unreadable to anyone who does not have your encryption key. Client-side encryption, where data is encrypted before it leaves your machine, is the gold standard. This means that even if your cloud storage provider or backup server is compromised, the attacker gets nothing useful. Restic, Kopia, and BorgBackup all implement client-side encryption using AES-256 or similar algorithms. The encryption key never leaves your machine and never touches the storage backend.
Compression reduces the size of your backup data by applying algorithms like zstd, lz4, or zlib to each chunk before storage. The best tools let you choose your compression algorithm and level, trading CPU time for storage savings. BorgBackup is particularly strong here, offering multiple compression algorithms with fine-grained control over compression levels. Kopia defaults to zstd compression, which offers an excellent balance of speed and ratio.
Snapshot model means that each backup creates a point-in-time snapshot of your data. You can browse any previous snapshot as if it were a complete copy, even though the underlying storage only keeps unique chunks. This gives you the convenience of full backups with the efficiency of incremental ones. Restoring from any snapshot is equally fast because the tool reassembles the full file tree from its chunk index.
Types of Backup Strategies
Before choosing a tool, you need to understand the backup strategy it will execute. The right strategy depends on how much data you have, how frequently it changes, how quickly you need to restore, and how long you need to keep historical versions.
Full backups copy every file every time. They are simple and make restoration straightforward, but they consume enormous amounts of storage and take a long time to complete. Very few modern tools use pure full backups because deduplication achieves the same restoration simplicity without the storage waste.
Incremental backups only copy files that have changed since the last backup. They are fast and storage-efficient, but restoring requires replaying the full chain of increments from the last full backup forward. Traditional incremental tools like rsync work this way. The risk is that a corrupted increment can break the entire chain.
Deduplication-based snapshots combine the best of both approaches. Tools like Restic, BorgBackup, and Kopia scan all files on each run but only store new or changed chunks. Each snapshot looks like a full backup from the user's perspective, but storage consumption is closer to an incremental approach. There is no chain to break because every snapshot independently references the chunks it needs.
The 3-2-1 rule remains the foundation of any serious backup strategy: keep at least 3 copies of your data, on at least 2 different types of storage media, with at least 1 copy stored offsite. Open source tools make this achievable on any budget. You might keep a local backup on an external drive using BorgBackup, replicate it to a cloud storage provider using Restic, and store a third copy on a remote server using rsync. Each layer adds protection against a different class of failure.
Retention policies determine how long you keep old snapshots. Most tools support time-based retention (keep daily snapshots for 30 days, weekly for 6 months, monthly for 2 years) or count-based retention (keep the last 30 snapshots). Kopia has the most flexible retention policies of the major tools, allowing per-directory policy overrides.
Leading Open Source Backup Tools
The open source backup landscape includes tools for every use case, from single-machine CLI utilities to full enterprise backup suites with web interfaces and centralized management. Here are the most widely deployed options.
BorgBackup is a Python-based deduplicating backup tool that has been under active development since 2015, building on the earlier Attic project. It is widely regarded as the most storage-efficient option, thanks to its excellent compression support and content-defined chunking. BorgBackup supports SSH remotes as its primary storage backend, which means it works with any server you can SSH into but does not natively support cloud object storage like S3 or B2. It runs on Linux and macOS, with no official Windows support. The companion tool borgmatic provides a configuration-driven wrapper that simplifies scheduling and management. BorgBackup is the best choice for Linux users who want maximum control and efficiency and are comfortable with SSH-based storage.
Restic is written in Go, which gives it excellent cross-platform support including native Windows, macOS, and Linux binaries. It supports a wide range of storage backends out of the box, including local directories, SFTP, Amazon S3, Backblaze B2, Microsoft Azure, Google Cloud Storage, and any S3-compatible provider. Restic always encrypts backups, there is no unencrypted mode, which means your data is protected by default. Its design prioritizes simplicity and correctness over raw performance, though recent versions have significantly improved speed. Restic has the largest community of any open source backup tool and extensive documentation. It is the safest choice for users who need cross-platform support and cloud backend flexibility.
Kopia is the newest of the three major deduplicating backup tools, also written in Go. Its distinguishing feature is a built-in web UI and server mode that enables centralized management of backups across multiple machines. Kopia supports all major cloud backends, offers granular per-directory snapshot policies, and includes both CLI and GUI interfaces. Version 0.23 (released in 2026) brought improved maintenance statistics and consistency checks. Kopia is ideal for users who want a graphical interface or need to manage backups for a small team from a central server.
UrBackup is a client-server backup system designed for backing up multiple machines over a network. It supports both file-level and full disk image backups, which means you can restore individual files or recover an entire machine from bare metal. UrBackup includes a web-based administration interface for managing clients, monitoring backup status, and configuring schedules. Server version 2.5.37 was released in April 2026. It runs on Linux and Windows servers, with clients available for Windows, Linux, and macOS. UrBackup is the best choice for small to medium offices that need centralized backup management with image-based disaster recovery.
Bacula is an enterprise-grade network backup suite that has been in development since 2000. It uses a modular architecture with separate director, storage, and client daemons, which allows it to scale to very large environments. Bacula supports tape libraries, disk pools, and cloud storage. Its configuration is complex compared to newer tools, but it handles advanced scenarios like multi-site replication, media pools, and automated tape rotation that simpler tools cannot address. Bacula is available in both a community edition and a commercial enterprise edition.
Duplicati is a backup tool with a web-based GUI that targets desktop users who want to back up to cloud storage. It is written in C# and runs on Windows, macOS, and Linux via Mono or .NET. Duplicati supports encryption, compression, and a wide range of cloud backends including Google Drive, OneDrive, and Dropbox in addition to standard S3 and B2. Its primary audience is home users and small businesses who want a graphical, set-and-forget backup solution.
BackupPC is a high-performance, enterprise-grade system for backing up Linux, Windows, and macOS PCs and laptops to a central server. It uses pooling and compression to minimize storage requirements and supports SMB and rsync as transfer protocols. BackupPC does not require client software, making it easy to deploy across existing infrastructure. Its web interface provides monitoring, browsing, and restoration capabilities.
Amanda (Advanced Maryland Automatic Network Disk Archiver) is one of the oldest open source backup tools, originally developed at the University of Maryland. It is designed for large-scale network environments and supports tape, disk, and cloud storage. Amanda uses a centralized server architecture and supports both Linux and Windows clients. It is best suited for organizations that need a proven, mature backup platform with tape support.
Key Features to Evaluate
When comparing backup tools, these features should drive your decision. The relative importance of each depends on your specific environment and requirements.
Platform support is the first filter. If you need to back up Windows machines, BorgBackup is immediately off the table. If you need to back up a fleet of mixed Windows and Linux systems to a central server, UrBackup or BackupPC are your strongest options. For cross-platform CLI use, Restic and Kopia both have native binaries for all major platforms.
Storage backend support determines where your backup data can live. BorgBackup only supports local storage and SSH remotes. Restic and Kopia support local, SFTP, S3, B2, Azure, GCS, and several other backends. UrBackup stores backups on its own server's local storage. If you want to back up directly to a cloud provider, Restic and Kopia are the clear choices.
Deduplication quality directly affects your storage costs. All three major tools (Borg, Restic, Kopia) use content-defined chunking for deduplication, but they differ in chunk sizes, algorithms, and resulting deduplication ratios. BorgBackup typically achieves the best deduplication ratios, particularly on large files with small changes. Restic and Kopia are close behind and continue to improve with each release.
Encryption implementation matters for security-sensitive environments. Restic mandates encryption with no opt-out, which prevents accidental exposure. BorgBackup and Kopia make encryption optional but strongly recommended. All three use AES-256 with authenticated encryption modes. The key management approach differs: Restic derives keys from a password, BorgBackup supports both password and keyfile authentication, and Kopia supports password-based key derivation.
Restoration speed is often overlooked during tool selection but becomes critical during an actual disaster. Image-based tools like UrBackup can restore an entire machine in under an hour. File-based tools like Restic and BorgBackup are fast for individual file recovery but slower for full-system restoration. Consider how quickly you need to be back online and choose accordingly.
Monitoring and reporting capabilities vary widely. UrBackup and BackupPC include web dashboards with backup status, failure alerts, and client health monitoring. CLI-only tools like Restic and BorgBackup require external monitoring through scripts, cron job wrappers, or third-party tools like Prometheus exporters. Kopia bridges the gap with its built-in web UI that shows snapshot history and repository statistics.
Choosing the Right Tool
The best backup tool is the one you will actually use consistently. A perfect backup strategy that runs unreliably is worse than a simple one that runs every day without fail. Here are practical recommendations by use case.
Single Linux server or workstation: Restic if you want cloud backend support, BorgBackup if you want maximum efficiency with SSH storage. Both can be scheduled with a simple cron job or systemd timer and produce reliable, encrypted, deduplicated backups with minimal configuration.
Developer workstation (any platform): Restic for its cross-platform support and cloud backends. A single command backs up your home directory to Backblaze B2 for pennies per month. Kopia is equally capable and adds a GUI for those who prefer it.
Small office with 5-50 machines: UrBackup for its centralized management, web interface, and image backup support. It gives you one dashboard to monitor all machines and the ability to restore entire workstations from bare metal if needed.
Large enterprise environment: Bacula or Amanda for their proven track record in large-scale deployments, tape library support, and mature management features. Both handle complex multi-site, multi-tier storage architectures that simpler tools are not designed for.
Home user backing up to the cloud: Duplicati for its user-friendly web interface and support for consumer cloud storage like Google Drive and OneDrive. Alternatively, Kopia if you want more control and do not mind a slightly steeper learning curve.
Storage Backends and Destinations
Where you store your backups is as important as how you create them. Each storage option has different cost, performance, durability, and accessibility characteristics.
Local storage (external drives, NAS devices, local disk) offers the fastest backup and restore speeds and zero ongoing costs beyond the hardware. It protects against hardware failure on the primary machine but does not protect against theft, fire, or flood. Every backup strategy should include local storage as one layer, but never as the only layer.
SSH/SFTP remotes allow you to back up to any server you have SSH access to, including cloud VPS instances, dedicated servers, or machines at a friend's house. BorgBackup works exclusively over SSH. Restic and Kopia also support SFTP. The main advantage is simplicity, you are backing up to a standard Linux filesystem over an encrypted connection. The disadvantage is that you need to manage the remote server yourself.
Object storage (Amazon S3, Backblaze B2, Wasabi, MinIO, Google Cloud Storage, Azure Blob Storage) provides virtually unlimited, highly durable storage at low per-gigabyte costs. B2 and Wasabi are popular choices for backups because they charge $5-6 per TB per month with no egress fees (Wasabi) or low egress fees (B2). Restic and Kopia have native support for all major object storage providers. This is the most cost-effective option for offsite backup storage.
Self-hosted object storage using MinIO lets you run an S3-compatible storage backend on your own hardware. This gives you the API compatibility of cloud object storage with the privacy and performance of local infrastructure. Many organizations use MinIO as a local backup target and then replicate to a cloud provider for offsite protection.
Tape storage remains relevant for large-scale archival and compliance requirements. Bacula and Amanda have mature tape support with features like automated tape rotation, multi-drive libraries, and media pools. For most small and medium deployments, disk and cloud storage have replaced tape, but regulated industries and very large data sets still benefit from tape's low per-TB cost and offline durability.
Security and Encryption
Backup security deserves careful attention because backup archives contain your most sensitive data in a concentrated, easily exfiltrated format. A compromised backup archive is potentially worse than a compromised live system because it may contain historical data, deleted files, and credentials from multiple time periods.
Client-side encryption means your data is encrypted on your machine before it is transmitted to the backup storage. This is the most important security feature to look for. With client-side encryption, the storage provider (whether a cloud service or a self-hosted server) never sees your unencrypted data. Restic, BorgBackup, and Kopia all implement true client-side encryption.
Key management is the weakest link in most backup encryption setups. If you lose your encryption key, your backups are permanently inaccessible, no recovery is possible. Store your key or password in a separate, secure location such as a password manager, a printed copy in a safe, or a hardware security module for enterprise environments. Never store your backup encryption key alongside the backup itself.
Repository integrity verification ensures that your backup data has not been corrupted or tampered with. Restic includes a built-in check command that verifies the integrity of the repository structure and optionally reads all data blobs to confirm they are intact. BorgBackup offers similar verification through its check command. Run integrity checks regularly, a backup you cannot restore is not a backup.
Access control for multi-user environments requires careful planning. Kopia's server mode supports multiple users with separate repository access. UrBackup has built-in user management with role-based access control. For CLI tools, access control is typically managed through filesystem permissions and SSH key management on the storage backend.
Getting Started with Open Source Backups
If you are new to open source backup software, the fastest path to a working backup is straightforward. Install Restic or Kopia on your machine, create a repository on a local external drive or a cloud storage account, and run your first backup. The entire process takes under 30 minutes for most users.
Start with a local backup target to learn the tool's workflow without the complexity of network configuration. Once you are comfortable, add a cloud backend as your offsite copy. Configure a daily schedule using cron (Linux/macOS) or Task Scheduler (Windows). Set a retention policy that keeps daily snapshots for 30 days and weekly snapshots for 6 months. Test restoration by recovering individual files from your backup, then do a full directory restore to confirm everything works end to end.
The most common mistake new users make is setting up backups but never testing restoration. Schedule a monthly restore test where you recover a random file or directory from your backup and verify its contents. This catches configuration problems, corruption, and permission issues before they matter during a real emergency.
For detailed setup instructions, comparisons between specific tools, and platform-specific guidance, explore the articles below.