Re: [Duplicity-talk] how to correctly use sign-key

duplicity-talk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] how to correctly use sign-key

From:	Kenneth Loafman
Subject:	Re: [Duplicity-talk] how to correctly use sign-key
Date:	Fri, 30 May 2008 08:31:47 -0500
User-agent:	Thunderbird 2.0.0.14 (X11/20080505)

Tim Riemenschneider wrote:
> How can you (reliably) use --sign-key (with --encrypt-key)?
> 
> I want to sign the backups with one key (which is located on the server)
> and encrypt it with another (whose secret key should not be on the server).
> 
> I tested this locally (following some advise from thread
> *[Duplicity-talk] how to tell duplicity to NOT sign (want to encrypt to
> public key only)
> <http://lists.gnu.org/archive/html/duplicity-talk/2008-05/msg00059.html>
> 
> I created two new keys (just for testing, so with trivial passwords)
> Is is correct that --archive-dir is required for this (and should
> therefore kept save, against what's said in the man-page)?
> 
> I tested it like this:
> 1) Full backup (/tmp/backuptest is empty)
> address@hidden:~/.backup$ PASSPHRASE="sign" duplicity --encrypt-key 92AC19CD
> --sign-key 873E6295 --archive-dir /tmp/arch --gpg-options
> "--homedir=~/.backup" /home/tim/shared/ file:///tmp/backuptest
> No signatures found, switching to full backup.
> --------------[ Backup Statistics ]--------------
> StartTime 1212099040.51 (Fri May 30 00:10:40 2008)
> EndTime 1212099064.82 (Fri May 30 00:11:04 2008)
> ElapsedTime 24.31 (24.31 seconds)
> SourceFiles 4
> SourceFileSize 29661160 (28.3 MB)
> NewFiles 4
> NewFileSize 29661160 (28.3 MB)
> DeletedFiles 0
> ChangedFiles 0
> ChangedFileSize 0 (0 bytes)
> ChangedDeltaSize 0 (0 bytes)
> DeltaEntries 4
> RawDeltaSize 196608 (192 KB)
> TotalDestinationSizeChange 30060703 (28.7 MB)
> Errors 0
> -------------------------------------------------
> ===> only sign-password is needed
> 
> 2) Inc. backup
> address@hidden:~/.backup$ PASSPHRASE="sign" duplicity --encrypt-key 92AC19CD
> --sign-key 873E6295 --archive-dir /tmp/arch --gpg-options
> "--homedir=~/.backup" /home/tim/shared/ file:///tmp/backuptest
> --------------[ Backup Statistics ]--------------
> StartTime 1212099070.16 (Fri May 30 00:11:10 2008)
> EndTime 1212099070.23 (Fri May 30 00:11:10 2008)
> ElapsedTime 0.08 (0.08 seconds)
> SourceFiles 4
> SourceFileSize 29661160 (28.3 MB)
> NewFiles 0
> NewFileSize 0 (0 bytes)
> DeletedFiles 0
> ChangedFiles 0
> ChangedFileSize 0 (0 bytes)
> ChangedDeltaSize 0 (0 bytes)
> DeltaEntries 0
> RawDeltaSize 0 (0 bytes)
> TotalDestinationSizeChange 2601 (2.54 KB)
> Errors 0
> -------------------------------------------------
> ===> works too
> 
> 3) simulate a loss of the archive dir
> address@hidden:~/.backup$ rm /tmp/arch/duplicity-*
> address@hidden:~/.backup$ PASSPHRASE="sign" duplicity --encrypt-key 92AC19CD
> --sign-key 873E6295 --archive-dir /tmp/arch --gpg-options
> "--homedir=~/.backup" /home/tim/shared/ file:///tmp/backuptest
> Fatal Error: Neither remote nor local manifest is readable.
> ===> we don't have a unencrypted manifest, so we can not continue.
> 3b) provide encrypt-secret key (-password):
> address@hidden:~/.backup$ PASSPHRASE="encrypt" duplicity --encrypt-key
> 92AC19CD --sign-key 873E6295 --archive-dir /tmp/arch --gpg-options
> "--homedir=~/.backup" /home/tim/shared/ file:///tmp/backuptest
> Traceback (most recent call last):
>   File "/usr/bin/duplicity", line 463, in <module>
>     with_tempdir(main)
>   File "/usr/bin/duplicity", line 458, in with_tempdir
>     fn()
>   File "/usr/bin/duplicity", line 451, in main
>     incremental_backup(sig_chain)
>   File "/usr/bin/duplicity", line 186, in incremental_backup
>     bytes_written = write_multivol("inc", tarblock_iter, globals.backend)
>   File "/usr/bin/duplicity", line 87, in write_multivol
>     globals.gpg_profile,globals.volsize)
>   File "/usr/lib/python2.5/site-packages/duplicity/gpg.py", line 219, in
> GPGWriteFile
>     file.write(block_iter.get_footer())
>   File "/usr/lib/python2.5/site-packages/duplicity/gpg.py", line 125, in
> write
>     return self.gpg_input.write(buf)
> IOError: [Errno 32] Broken pipe
> address@hidden:~/.backup$ 
> ===> now we can read the encrypted manifest, however we can not
> continue, since the password does not match the sign-key
> 
> How can I recover/continue from this?
> Would it be possible to provide two different passwords?

Currently, it is not possible to use two different passwords.  Normally,
the encrypt key is unsigned and the security is handled by keeping the
public key and the private key separate.

This problem will be alleviated when I implement the use of gpg-agent,
sometime in a future release.

...Ken

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Duplicity-talk] how to correctly use sign-key, Tim Riemenschneider, 2008/05/29
- Re: [Duplicity-talk] how to correctly use sign-key, Tim Riemenschneider, 2008/05/29
- Re: [Duplicity-talk] how to correctly use sign-key, Kenneth Loafman <=

Prev by Date: Re: [Duplicity-talk] Slow file restore
Next by Date: Re: [Duplicity-talk] Slow file restore
Previous by thread: Re: [Duplicity-talk] how to correctly use sign-key
Next by thread: [Duplicity-talk] IOError: [Errno 22] Invalid argument
Index(es):
- Date
- Thread