A really cool config backup option would be sending a backup of the current config via email to the user (let's say once a week), so that you always have the latest config and don't have to worry about which of all the old config files to use…or having none at all.
Conditions should be: only transport encryption allowed. Passwords are hashed with safe algos.
So there shouldn't be a big risk here. You should send that email to your own server or a trustworthy provider anyway…
Btw, Sophos does it like this on their UTM platform and I like it.
End-to-end encryption would be nice, but I know it's not on any prio list here.
Additionally, like on Sophos UTM, the attached config file should be encrypted (Sophos uses twofishe here, which should be replaced by twofish or any other stronger algo). You set up an encryption PW for the config file, which you have to type in when uploading the config to the box again. Then there should be NO argument left against auto-sending the config via email.