Re: [Duplicity-talk] Duplicity without Secret Key

[Colin Ryan]

Hrm,

My duplicity options are:

duplicity incr   --verbosity=6 --num-retries=50 
--archive-dir='/opt/aa/service/nas/offsite/duplicity'  --sign-key=<HEX> 
--encrypt-key=<HEX>

Where HEX is the key id for the key with just the public key installed 
and signed.

I get:


gpg: no default secret key: secret key not available
gpg: [stdin]: sign+encrypt failed: secret key not available
gpg: no default secret key: secret key not available
gpg: [stdin]: sign+encrypt failed: secret key not available

But if I use a key with the private key available it seems to work.

As well, a basic sanity check of gpg with the offending key appears to 
be fine.

gpg  -r <HEX> --sign --encrypt --debug 64 < /etc/hosts > test

Any ideas?




Colin Ryan wrote:
> Ahh thanks I was using that cause it said then that the manifest etc 
> are unenrypted locally so I'll try fiddling some more.
>
> Thanks folks
>
> Andrew Kohlsmith (lists) wrote:
> > On October 3, 2008 10:12:47 am Kenneth Loafman wrote:
> >  
> > > If you use --archive-dir=<localdir> then duplicity will not need to
> > > decrypt the manifest and sig files and should not need the secret key.
> > > I'm not sure this path has been tested, but it should work.
> > >     
> >
> > This exactly how I use it (I encrypt with several keys, only one of 
> > which the duplicity server has the private key for), and it works 
> > fine with --archive-dir.
> >
> > -A.
> >
> >
> > _______________________________________________
> > Duplicity-talk mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/duplicity-talk
> >   
>
>
>
> _______________________________________________
> Duplicity-talk mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/duplicity-talk